VYPR
Moderate severityNVD Advisory· Published Oct 19, 2007· Updated Jun 16, 2026

CVE-2007-5380

CVE-2007-5380

Description

Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers to hijack web sessions via unspecified vectors related to "URL-based sessions."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
railsRubyGems
< 1.2.41.2.4

Affected products

2

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.