mirror of
https://github.com/0xMarcio/cve.git
synced 2025-12-30 04:49:42 +00:00
763 B
763 B
CVE-2020-8166
%20(CWE-352)&color=brighgreen)
Description
A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.
POC
Reference
Github
No PoCs found on GitHub currently.