CVE-2014-125054
MEDIUMreddit-on-rails < 2014-12-19 - Improper Access Control in Vote Handler
Title source: llmDescription
A vulnerability classified as critical was found in koroket RedditOnRails. This vulnerability affects unknown code of the component Vote Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The patch is identified as 7f3c7407d95d532fcc342b00d68d0ea09ca71030. It is recommended to apply a patch to fix this issue. VDB-217594 is the identifier assigned to this vulnerability.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
technical-description
https://vuldb.com/?id.217594
Third Party Advisory, VDB Entry signature
permissions-required
https://vuldb.com/?ctiid.217594
Patch, Third Party Advisory patch
https://github.com/koroket/RedditOnRails/commit/7f3c7407d95d532fcc342b00d68d0ea09ca71030
Scores
CVSS v3
4.3
EPSS
0.0056
EPSS Percentile
42.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Details
CWE
CWE-284
Status
published
Products (1)
reddit-on-rails_project/reddit-on-rails
< 2014-12-19
Published
Jan 07, 2023
Tracked Since
Feb 18, 2026