Vulnerabilities > Rails Admin Project > Rails Admin > 0.6.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-12 | CVE-2020-36190 | Cross-site Scripting vulnerability in Rails Admin Project Rails Admin RailsAdmin (aka rails_admin) before 1.4.3 and 2.x before 2.0.2 allows XSS via nested forms. | 4.3 |
2018-07-05 | CVE-2016-10522 | Cross-Site Request Forgery (CSRF) vulnerability in Rails Admin Project Rails Admin rails_admin ruby gem <v1.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. | 6.8 |