CVE-2021-35514

CVE-2021-35514

EPSS 1.4%

Narou (aka Narou.rb) before 3.8.0 allows Ruby Code Injection via the title name or author name of a novel.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/whiteleaf7/narou/blob/develop/ChangeLog.md#380-20210627 https://vuln.ryotak.me/advisories/51