Description

Each Ruby on Rails web application contains a secret token (usually stored in the file secret_token.rb). This secret_token is used to sign the cookies that the application sets. Without it, the application cannot trust the cookies the browser sends back, and so cannot safely rely on session-based authentication. It is therefore very important that an attacker does not know the value of this secret token. Your application is using a weak/known token and Acunetix managed to guess this token. Knowing the secret token allows an attacker to impersonate any user in the application and even achieve Remote Code Execution through deserialization of a crafted Ruby object.

Remediation

Change the value of the secret_token (from RAILS_ROOT/config/initializers/secret_token.rb) to a random string.
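The following Ruby script is an added example, not code from Acunetix or from Rails itself. It models the signed-cookie layout described above (a base64 payload, a `--` separator and an HMAC keyed by `secret_token`) so you can see why the signature check protects the session only while the token stays secret, and it generates a replacement token of the size Rails's `rake secret` task emits. The `weak_secret_token?` heuristic and its 30-character floor are this example's own assumptions, not a Rails rule.

```ruby
require 'openssl'
require 'securerandom'

# Added example modelling the Rails 3 signed-cookie layout
# "<base64 payload>--<hex HMAC-SHA1 under secret_token>".
# Illustrative code only, not Rails's own cookie store.

# Constant-time comparison so the signature check cannot be timed.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

def hmac_for(encoded, secret_token)
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('SHA1'), secret_token, encoded)
end

# Sign a serialized session payload with the application's secret token.
def sign_cookie(payload, secret_token)
  encoded = [payload].pack('m0')            # strict base64, no newlines
  "#{encoded}--#{hmac_for(encoded, secret_token)}"
end

# Return the payload if the cookie's MAC verifies under secret_token, else nil.
# A cookie minted under a different key, or tampered with, is rejected;
# one minted under the real key is indistinguishable from a legitimate one.
def verify_cookie(cookie, secret_token)
  encoded, digest = cookie.to_s.split('--', 2)
  return nil if encoded.nil? || digest.nil?
  return nil unless secure_compare(hmac_for(encoded, secret_token), digest)
  encoded.unpack1('m0')
rescue ArgumentError                        # malformed base64
  nil
end

# Generate a replacement value for config/initializers/secret_token.rb:
# 64 random bytes rendered as 128 hex characters, the size `rake secret` emits.
def generate_secret_token
  SecureRandom.hex(64)
end

# Heuristic check for a weak token. The thresholds are this example's
# assumptions: short or low-entropy strings are what a scanner can guess.
def weak_secret_token?(token)
  token.to_s.length < 30 || token.to_s.chars.uniq.size < 10
end

if $PROGRAM_NAME == __FILE__
  secret = generate_secret_token
  cookie = sign_cookie('{"user_id":42}', secret)   # constructed sample session
  puts "cookie:         #{cookie}"
  puts "verifies:       #{verify_cookie(cookie, secret).inspect}"
  puts "under wrong key: #{verify_cookie(cookie, 'guessable').inspect}"
  puts "weak 'secret':  #{weak_secret_token?('secret')}"
  puts "weak new token: #{weak_secret_token?(secret)}"
end
```

Running it shows the cookie round-tripping under the correct token and failing under any other key, which is the whole guarantee the secret provides; once the token is known, the check offers no protection. Replace the value in `secret_token.rb` with output from `generate_secret_token` (or `rake secret`), never a hand-typed or copied string.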
