Ruby on Rails disclosed on HackerOne: RCE which may occur due to...

Since `ActiveSupport::MessageVerifier` and `ActiveSupport::MessageEncryptor` use Marshal as the default serializer, I confirmed that RCE is possible by object injection.

```ruby
# https://github.com/rails/rails/blob/v5.2.2/activesupport/lib/active_support/message_verifier.rb#L110
def initiali…
```
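An added example, not part of the report and not Rails' code: a plain-Ruby stand-in for a signed-message verifier, showing why the serializer matters once a signature checks out. With Marshal, a validly signed message is rebuilt into an object of whatever class it names, while a JSON serializer yields only plain data. `TinyVerifier`, `PlainJSON`, `Probe` and the secret are hypothetical names and constructed values.

```ruby
require "openssl"
require "json"

# JSON serializer that can only return hashes, arrays, strings, numbers, booleans, nil.
module PlainJSON
  def self.dump(value)
    JSON.generate(value)
  end
  def self.load(text)
    JSON.parse(text.dup.force_encoding("UTF-8"))
  end
end

# Hypothetical, simplified HMAC-signed message verifier (not Rails' implementation).
class TinyVerifier
  def initialize(secret, serializer: Marshal)
    @secret = secret
    @serializer = serializer
  end

  def generate(value)
    data = [@serializer.dump(value)].pack("m0") # strict Base64
    "#{data}--#{digest(data)}"
  end

  def verify(message)
    data, sig = message.to_s.split("--", 2)
    raise ArgumentError, "invalid signature" unless data && sig && same?(sig, digest(data))
    @serializer.load(data.unpack1("m0")) # the serializer decides what gets built
  end

  private
  def digest(data)
    OpenSSL::HMAC.hexdigest("SHA256", @secret, data)
  end

  def same?(a, b) # constant-time comparison of two equal-length strings
    a.bytesize == b.bytesize && a.bytes.zip(b.bytes).reduce(0) { |d, (x, y)| d | (x ^ y) }.zero?
  end
end

Probe = Struct.new(:note) # constructed, harmless marker class

def demo
  marshal_v = TinyVerifier.new("constructed-demo-secret")
  json_v = TinyVerifier.new("constructed-demo-secret", serializer: PlainJSON)
  token = marshal_v.generate(Probe.new("revived"))
  refused = begin json_v.verify(token); false; rescue JSON::ParserError; true; end
  [marshal_v.verify(token).class, refused, json_v.verify(json_v.generate({ "user_id" => 7 }))]
end
```

The signature only proves the message was produced with the secret; it places no limit on which classes `Marshal.load` will instantiate, which is why the choice of serializer is the control that matters here.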