CVE-2020-8166

Published: 2020-07-02T19:15Z

Last Modified: 2024-11-21T05:38Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt