Data-Tags and the New HTML Sanitizer Subverts CSRF protection

Disclosed: 2016-03-13 18:22:03 By benmmurphy To rails

Unknown

Vulnerability Details

No vulnerability description provided or it is restricted.

Actions

View on HackerOne

Report Stats

Report ID: 42728
State: Closed
Substate: resolved
Upvotes: 6

Share this report