Remote Code Execution Vulnerability in Ruby on Windows via Crafted TmpDir Parameter

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

In Ruby through 3.0 on Windows, a remote attacker can submit a crafted path when a Web application handles a parameter with TmpDir.

Learn more about our Web App Pen Testing.