Description

A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.

Remediation

References

CVE-2020-8167

Related Vulnerabilities

WordPress Plugin Management App for WooCommerce-Order notifications, Order management, Lead management, Uptime Monitoring Arbitrary File Upload (1.2.2)

WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more PHAR Deserialization (2.9.8.5)

WordPress Plugin Swift Landing Page Cross-Site Request Forgery (1.1)

WordPress Plugin WP Google Review Slider SQL Injection (6.1)

Internet Information Services Uncontrolled Resource Consumption Vulnerability (CVE-2009-2521)

Severity

Medium

Classification

CVE-2020-8167 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities