CVE-2016-10522

rails_admin ruby gem <v1.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. Non-GET methods were not validating CSRF tokens and, as a result, an attacker could hypothetically gain access to the application administrative endpoints exposed by the gem.
Configurations

Configuration 1 (hide)

cpe:2.3:a:rails_admin_project:rails_admin:*:*:*:*:*:ruby:*:*

History

No history.

Information

Published : 2018-07-05 16:29

Updated : 2024-02-28 16:25


NVD link : CVE-2016-10522

Mitre link : CVE-2016-10522

CVE.ORG link : CVE-2016-10522


JSON object : View

Products Affected

rails_admin_project

  • rails_admin
CWE
CWE-352

Cross-Site Request Forgery (CSRF)