CVE-2019-16676

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
7.5
HIGH
Affected
1
PROJECT

Description

Plataformatec Simple Form has Incorrect Access Control in file_method? in lib/simple_form/form_builder.rb, because a user-supplied string is invoked as a method call.

heartcombo/simple_form
heartcombo/simple_form
Forms made easy for Rails! It's tied to a simple DSL, with no opinion on markup.
GitHubGitHub
8.23K