You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Ruby on Rails is a server-side web application framework written in Ruby. It is a model-view-controller (MVC) architecture, providing default structures for a database, a web service, and web pages. It is also a popular choice of framework among well known services and products such as Github, Bloomberg, Soudcloud, Groupon, Twitch.tv, and of course, Rapid7s Metasploit.
Ruby on Rails is a server-side web application framework written in Ruby. It is a model-view-controller (MVC) architecture, providing default structures for a database, a web service, and web pages. It is also a popular choice of framework among well known services and products such as Github, Bloomberg, Soundcloud, Groupon, Twitch.tv, and of course, Rapid7s Metasploit.
In development mode, Ruby on Rails versions including 5.2.2 and prior are vulnerable to a remote code execution vulnerability due to a predictable secret_key_base based on the name of the Rails application, and use it to create a signed serialized payload, and gain remote code execution.
