ADVISORIES
- CVE-2013-4593 (NVD)
- OSVDB-99888
GEM
SEVERITY
CVSS v2.0: 6.8 (Medium)
PATCHED VERSIONS
- >= 1.5.1
DESCRIPTION
omniauth-facebook Gem for Ruby contains a flaw that is due to the application supporting passing the access token via the URL. This may allow a remote attacker to bypass authentication and authenticate as another user.