Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2013-4593
Disclosure Date: December 11, 2019 (last updated November 27, 2024)
RubyGem omniauth-facebook has an access token security vulnerability
0
Attacker Value
Unknown
CVE-2013-4562
Disclosure Date: May 13, 2014 (last updated October 05, 2023)
The omniauth-facebook gem 1.4.1 before 1.5.0 does not properly store the session parameter, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via the state parameter.
0
