CVE-2016-3098

CVE-2016-3098 describes a Cross-site request forgery (CSRF) vulnerability in the Administrate Rails dashboard (versions 0.1.4 and earlier) that can allow remote attackers to hijack a user’s OAuth authorization code. The vulnerability is documented across multiple sources (including Red Hat, GHSA,...