CVE-2013-7134

Published April 29th, 2014

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

Juvia uses the same secret key for all installations, which allows remote attackers to have unspecified impact by leveraging the secret key in app/config/initializers/secret_token.rb, related to cookies.

phusion/juvia

A commenting server similar to Disqus and IntenseDebate.

GitHub

1.03K