ADVISORIES
GEM
PATCHED VERSIONS
- >= 0.1.5
DESCRIPTION
Administrate::ApplicationController
actions didn’t have CSRF protection. Remote attackers can hijack user’s sessions and use any functionality that administrate exposes on their behalf.
Get Updates: | Via Atom | On Twitter | On GitHub |
Administrate::ApplicationController
actions didn’t have CSRF protection. Remote attackers can hijack user’s sessions and use any functionality that administrate exposes on their behalf.