Monthly Archives: January 2018

Ruby code injection – PortSwigger

Description: ruby ​​code injection Server-side code injection vulnerabilities arise when an application embeds user-controllable data into a string that is dynamically evaluated by a code interpreter. If user data is not strictly validated, an attacker can use crafted entries to modify the code to be executed, and inject arbitrary code …

Read More »