CVE-2020-8167 – actionview

Package

Manager: gem
Name: actionview
Vulnerable Version: >=5.0.0 <5.2.4.3 || >=6.0.0 <6.0.3.1

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00592 pctl0.68297

Details

CSRF Vulnerability in rails-ujs There is a vulnerability in rails-ujs that allows attackers to send CSRF tokens to wrong domains. Versions Affected: rails <= 6.0.3 Not affected: Applications which don't use rails-ujs. Fixed Versions: rails >= 5.2.4.3, rails >= 6.0.3.1 Impact ------ This is a regression of CVE-2015-1840. In the scenario where an attacker might be able to control the href attribute of an anchor tag or the action attribute of a form tag that will trigger a POST action, the attacker can set the href or action to a cross-origin URL, and the CSRF token will be sent. Workarounds ----------- To work around this problem, change code that allows users to control the href attribute of an anchor tag or the action attribute of a form tag to filter the user parameters. For example, code like this: link_to params to code like this: link_to filtered_params def filtered_params # Filter just the parameters that you trust end

Metadata

Created: 2020-07-07T16:34:10Z
Modified: 2023-08-08T15:14:47Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/07/GHSA-xq5j-gw7f-jgj8/GHSA-xq5j-gw7f-jgj8.json
CWE IDs: ["CWE-352"]
Alternative ID: GHSA-xq5j-gw7f-jgj8
Finding: F007
Auto approve: 1