MidnightBSD

Advisories for omniauth-oauth2_project

CVE-2012-6134 MEDIUM

Cross-site request forgery (CSRF) vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session state.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
omniauth-oauth2_project omniauth-oauth2 *