CVE-2007-5380: Session fixation vulnerability in Rails
(updated )
Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers to hijack web sessions via unspecified vectors related to “URL-based sessions.”
References
Code Behaviors & Features
Detect and mitigate CVE-2007-5380 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →