Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-8166

Disclosure Date: July 02, 2020 (last updated October 07, 2023)
A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0