Vulnerability in actionpack
It is possible to possible to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token for any action for that session.
Versions Affected: rails < 5.2.5, rails < 6.0.4 Not affected: Applications without existing HTML injection vulnerabilities. Fixed Versions: rails >= 184.108.40.206, rails >= 220.127.116.11
Given the ability to extract the global CSRF token, an attacker would be able to construct a per-form CSRF token for that session.
This is a low-severity security issue. As such, no workaround is necessarily until such time as the application can be upgraded.
|Access Vector||Access Complexity||Authentication||Confidentiality Impact||Integrity Impact||Availability Impact|
~> 5.2.4 >= 18.104.22.168 >= 22.214.171.124