omniauth/omniauth-oauth2

Releases24

Frequency7 months 1 week

Last Release 6 months ago

Stars511

An abstract OAuth2 strategy for OmniAuth.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2012-6134 ↗	Apr 9, 2013Tuesday, 9 April 2013, 20:55	—	6.8 MEDIUM
Cross-site request forgery (CSRF) vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session state.