Juvia uses the same secret key for all installations, which allows remote attackers to have unspecified impact by leveraging the secret key in app/config/initializers/secret_token.rb, related to cookies.
Max CVSS
7.5
EPSS Score
0.76%
Published
2014-04-29
Updated
2014-04-29
1 vulnerabilities found