CVE-2015-4619: CSRF vulnerability

September 7, 2017 (updated September 13, 2017)

The application is vulnerable to Cross-Site Request Forgery because of the lack of “protect_from_forgery” in the Rails controllers.

References

github.com/denkGroot/Spina/commit/bfe44f289e336f80b6593032679300c493735e75

Code Behaviors & Features

Detect and mitigate CVE-2015-4619 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →