Moderate severityNVD Advisory· Published Aug 5, 2022· Updated Aug 5, 2024
CVE-2016-3098
CVE-2016-3098
Description
Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth autorization code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
administrateRubyGems | < 0.1.5 | 0.1.5 |
Affected products
2- administrate/administratedescription
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-cc8c-26rj-v2vxghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2016-3098ghsaADVISORY
- github.com/rubysec/ruby-advisory-db/blob/master/gems/administrate/CVE-2016-3098.ymlghsaWEB
- seclists.org/oss-sec/2016/q2/0ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.