Macournoyer : Security Vulnerabilities, CVEs, CVSS score >= 3
lib/thin/connection.rb in Thin web server before 1.2.4 relies on the X-Forwarded-For header to determine the IP address of the client, which allows remote attackers to spoof the IP address and hide activities via a modified X-Forwarded-For header.
Max CVSS
7.5
EPSS Score
0.28%
Published
2009-09-22
Updated
2009-09-22
1 vulnerabilities found