RubySec

Providing security resources for the Ruby community

OSVDB-126331 (sidekiq-pro): Sidekiq Pro Gem for Ruby CSRF in Job Filtering

Sidekiq Pro Gem for Ruby CSRF in Job Filtering

Published: July 17, 2015

SECURITY IDENTIFIERS

GEM

sidekiq-pro

PATCHED VERSIONS

~> 1.9.3 >= 2.0.6

DESCRIPTION

Sidekiq::Web job filtering lacks CSRF protection. This issue is related to OSVDB-125675.

RELATED

Contact us @rubysec or open an issue on our GitHub repository.

Recent Advisories