Lucene search
Veracode Vulnerability DatabaseVERACODE:33201HistoryDec 08, 2021 - 3:32 a.m.
Man-in-the-Middle (MitM)
2021-12-0803:32:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
man-in-the-middle
vulnerability
device extension
EPSS
0.003
Percentile
66.0%
devise_masquerade is vulnerable to man-in-the-middle attacks. An attacker can impersonate any user by manipulating masquerade back functionality of the device extension.
References
Related
prion
prion
Code injection
2021-12-07 21:15:00
cvelist
cvelist
CVE-2021-28680
2021-12-07 20:32:18
osv
osv
Improper Privilege Management in devise_masquerade
2021-12-08 19:55:30
CVE-2021-28680
2021-12-07 21:15:08
cnvd
cnvd
Alexandr Korsak Devise Masquerade has an unspecified vulnerability
2021-12-08 00:00:00
rubygems
rubygems
Improper Privilege Management in devise_masquerade
2021-12-07 21:00:00
nvd
nvd
CVE-2021-28680
2021-12-07 21:15:08
cve
cve
CVE-2021-28680
2021-12-07 21:15:08
github
github
Improper Privilege Management in devise_masquerade
2021-12-08 19:55:30