CVE-2018-10966
N/A
N/A
Summary
An issue was discovered in GamerPolls 0.4.6, related to config/environments/all.js and config/initializers/02_passport.js. An attacker can edit the Passport.js contents of the session cookie to contain the ID number of the account they wish to take over, and re-sign it using the hard coded secret.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/GamerPolls/gamerpolls.com/pull/56
- https://github.com/GamerPolls/gamerpolls.com/blob/03ccbaf219410e0a45390d0efc12017f08a25282/config/environments/all.js#L58
- https://www.digitalinterruption.com/single-post/2018/06/04/Are-Your-Cookies-Telling-Your-Fortune
References
- https://github.com/GamerPolls/gamerpolls.com/pull/56
- https://github.com/GamerPolls/gamerpolls.com/blob/03ccbaf219410e0a45390d0efc12017f08a25282/config/environments/all.js#L58
- https://www.digitalinterruption.com/single-post/2018/06/04/Are-Your-Cookies-Telling-Your-Fortune
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.