Cross-site Request Forgery (CSRF) Affecting sidekiq package, versions < 3.4.2
Snyk CVSS
Attack Complexity
Low
Scope
Changed
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RUBY-SIDEKIQ-20233
- published 5 Jul 2015
- disclosed 5 Jul 2015
- credit Egor Homakov
Overview
sidekiq
is a background processing package for Ruby.
Affected versions contain a vulnerability that allows forgery of POST requests on certain form elements in the web UI.