Omniauth Oauth2
1 CVEs
product
Monthly
Cross-site request forgery (CSRF) vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.
CSRF
Omniauth Oauth2
NVD
GitHub
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-6134
Ruby
EPSS 0%
CVSS 6.8
MEDIUM
PATCH
This Month
Cross-site request forgery (CSRF) vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.
CSRF
Omniauth Oauth2
NVD
GitHub