PT-2021-4590 · Ruby On Rails+3 · Action Pack+3
Benoit Côté-Jodoin +1 · Published 2021-02-18 · Updated 2025-09-29 · CVE-2021-22885
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Action Pack versions 2.0.0 and later
Action Pack versions prior to 5.2 with the provided patch
Action Pack versions prior to 6.0 with the provided patch
Action Pack versions prior to 6.1 with the provided patch
Description
The issue is a possible information disclosure or unintended method execution in Action Pack when the redirect_to or polymorphic_url helper is used with untrusted user input. This could allow a remote attacker to access confidential data. Vulnerable code may look like redirect_to(params[:some_param]).
Recommendations
For Action Pack version 2.0.0 and later, upgrade to a fixed release or apply one of the provided patches.
For Action Pack versions prior to 5.2, apply the 5-2-information-disclosure.patch.
For Action Pack versions prior to 6.0, apply the 6-0-information-disclosure.patch.
For Action Pack versions prior to 6.1, apply the 6-1-information-disclosure.patch.
As a temporary workaround, consider using an allow list for valid parameters passed from the user, such as implementing a check function to validate user input before using it in redirect_to.
Alternatively, force the user input to be cast to a string, like params[:some_param].to_s, to minimize the risk of exploitation.
Exploit
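The two temporary workarounds from the recommendations above (string cast plus allow-list check), combined in an added Ruby example that is not code from the advisory or from Rails. The names ALLOWED_REDIRECTS, DEFAULT_REDIRECT, safe_redirect_target and audit, the paths, and the sample inputs are assumptions; plain Ruby values stand in for what a params lookup can return.

```ruby
# Added example: not code from the advisory or from Rails.
# ALLOWED_REDIRECTS, DEFAULT_REDIRECT, safe_redirect_target and audit are
# hypothetical names; the paths and inputs below are constructed samples.
require "set"

ALLOWED_REDIRECTS = Set["/dashboard", "/account", "/orders"].freeze
DEFAULT_REDIRECT  = "/"

# Return a value that is safe to hand to redirect_to.
# `raw` is whatever the params lookup produced: nil, a String, or a
# structured value (Array / Hash) when the client sent nested parameters.
def safe_redirect_target(raw, allowed: ALLOWED_REDIRECTS, fallback: DEFAULT_REDIRECT)
  # String cast: the helper only ever receives a String, never an Array or Hash.
  candidate = raw.to_s
  # Allow list: anything not explicitly expected falls back to a fixed path.
  allowed.include?(candidate) ? candidate : fallback
end

# Run the check over a list of inputs and record which ones were rejected.
def audit(samples)
  samples.map do |raw|
    target = safe_redirect_target(raw)
    { input: raw, target: target, rejected: target != raw }
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed inputs: one expected path, one unexpected path, and three
  # non-string values of the kind a request can place in a parameter.
  samples = ["/account", "/admin", ["account"], { "controller" => "x" }, nil]
  audit(samples).each do |row|
    note = row[:rejected] ? "(rejected, fallback used)" : ""
    puts format("%-28s -> %-10s %s", row[:input].inspect, row[:target], note)
  end
end
```

In a controller the call site would read redirect_to safe_redirect_target(params[:some_param]).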
Fix
Generation of Error Message Containing Sensitive Information
Information Disclosure
Related Identifiers
Affected Products
Alt Linux
Action Pack
Astra Linux
Suse