Affecting sinatra gem, versions <1.2.1
sinatra is a DSL for quickly creating web applications in Ruby with minimal effort.
Affected versions of the package are vulnerable to Session Fixation due to missing session secret signing by default.
sinatra to version 1.2.1 or higher.
Do your applications use this vulnerable package?
- Konstantin Haase
- Snyk ID
- 12 Mar, 2011
- 10 Jan, 2018