CVE-2016-2098

Bookmarked!

This exercise covers a remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data

PRO Medium < 1 Hr. 3716 Yellow Badge

Course

This course delves into exploiting the vulnerability CVE-2016-2098, which arises from the erroneous use of the <code>render</code> method on user-supplied data, potentially leading to code execution on a server. Through practical examples and hands-on exercises, learners will master the techniques to safely exploit and understand this vulnerability.

Skills covered

Injection Operating System Network

CWE-20

Included with PRO

Full course content 1 video Common mistakes

Ready to practice?

Get access to this lab and 600+ hands-on exercises with a PRO subscription.

Go PRO or create a free account