3 matches found
CVE-2014-8144
CVE-2014-8144 concerns the Doorkeeper gem (Rails) and is evidenced by multiple sources in connected documents. The vulnerability is a CSRF flaw in Doorkeeper before 1.4.1 that allows remote attackers to hijack a user’s OAuth authentication by reading a user’s authorization code via unknown vector...
CVE-2014-8144
Cross-site request forgery CSRF vulnerability in doorkeeper before 1.4.1 allows remote attackers to hijack the authentication of unspecified victims for requests that read a user OAuth authorization code via unknown vectors...
Cross-site request forgery (CSRF) vulnerability in doorkeeper 1.4.0 and earlier.
Cross-site request forgery CSRF vulnerability in doorkeeper 1.4.0 and earlier allows remote attackers to hijack the user's OAuth autorization code. This vulnerability has been assigned the CVE identifier CVE-2014-8144. Doorkeeper's endpoints didn't have CSRF protection. Any HTML document on the...