2020-06-19 17:16:06
hackerone
PUBLISHED
A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.