Description
The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name.
Remediation
References
Related Vulnerabilities
WordPress Plugin Simple Schools Staff Directory Arbitrary File Upload (1.1)
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-16107)
WordPress Plugin BigDoor Quick Gamification for WordPress Cross-Site Scripting (1.0.5)
WordPress Plugin WooCommerce Catalog Enquiry Arbitrary File Upload (3.0.0)
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-0213)