CVE-2007-5380

2007-10-19T23:17:00
ID CVE-2007-5380
Type cve
Reporter cve@mitre.org
Modified 2011-03-08T03:00:00

Description

Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers to hijack web sessions via unspecified vectors related to "URL-based sessions."