rails_multisite is susceptible to insecure cookie usage. An authenticated remote attacker is able to re-use cookies from rails_multisite
across different sites which share the same secret_key_base.
CPE | Name | Operator | Version |
---|---|---|---|
rails_multisite | le | 3.1.0 | |
rails_multisite | le | 3.1.0 |