5 matches found
Cross-Site Request Forgery (CSRF)
fieldtest is vulnerable to cross-site request forgery (CSRF). The library does not verify authenticity of non-session based authentication...
Cross-site Request Forgery (CSRF)
Overview: fieldtest is an A/B testing library for Rails. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) with non-session based authentication methods. Remediation: Upgrade fieldtest to version 0.4.0 or higher. References: GitHub Issue...
Cross-site Request Forgery (CSRF)
Overview: pghero is a performance dashboard for Postgres. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF). The Ruby gem is vulnerable with non-session based authentication methods like basic authentication - session-based authentication methods like Devise's...
Field Test CSRF vulnerability
The Field Test dashboard is vulnerable to cross-site request forgery (CSRF) with non-session based authentication methods in versions v0.2.0 through v0.3.2. Impact: The Field Test dashboard is vulnerable to CSRF with non-session based authentication methods, like basic authentication. Session-based...
CSRF Vulnerability with Non-Session Based Authentication
The PgHero dashboard is vulnerable to CSRF with non-session based authentication methods. Impact: The PgHero dashboard is vulnerable to cross-site request forgery (CSRF). This affects the Docker image, Linux packages, and in specific cases, the Ruby gem. The Ruby gem is vulnerable with non-session...