CVE-2012-6134

2013-04-09T16:55:01
ID CVE-2012-6134
Type cve
Reporter NVD
Modified 2013-04-15T00:00:00

Description

Cross-site request forgery (CSRF) vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session state.