CVEs (1)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Omniauth Oauth2 Project 1Omniauth Oauth2 Apr 29, 2026 Apr 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session state. |