What the vulnerability does

01Description

A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.

Key dates

02Disclosure timeline

June 19, 2020 CVE published
August 4, 2024 Record updated

Related vulnerabilities

04Related CVE