Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth autorization code.
References
Link | Resource |
---|---|
https://seclists.org/oss-sec/2016/q2/0 | Mailing List Mitigation Patch Third Party Advisory |
Configurations
Information
Published : 2022-08-05 09:15
Updated : 2022-08-06 20:02
NVD link : CVE-2016-3098
Mitre link : CVE-2016-3098
JSON object : View
CWE
CWE-352
Cross-Site Request Forgery (CSRF)
Products Affected
thoughtbot
- administrate