CVE-2018-16477

Name of the Vulnerable Software and Affected Versions Active Storage versions 5.2.0 through 5.2.1.0

Description A bypass issue in Active Storage for Google Cloud Storage and Disk services allows an attacker to modify the content-disposition and content-type parameters, potentially executing HTML files inline. This can be combined with techniques like cookie bombing and specially crafted AppCache manifests to access private signed URLs within a specific storage path. Vulnerable applications are those using either GCS or the Disk service in production.

Recommendations For Active Storage versions 5.2.0 through 5.2.1.0, update to version 5.2.1.1 to resolve the issue. As a temporary workaround, consider restricting access to the content-disposition and content-type parameters until a patch is available.