Fluid Attacks Database

Description

Private information access through CSRF

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rubygems	spree	>=0 <2.2.10 \|\| >=2.3.0a <2.3.8 \|\| >=3.0.0a <3.0.0.rc4 \|\| >=2.4.0a <2.4.5	2.2.10, 2.3.8, 2.4.5, 3.0.0.rc4

Aliases

References

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.