PT-2020-19996 · Ruby On Rails · Rails

Published 2020-06-19 · Updated 2025-09-29 · CVE-2020-8167

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N
Name of the Vulnerable Software and Affected Versions
rails versions prior to 5.2.4.3
rails 6.0.x versions prior to 6.0.3.1

Description A CSRF vulnerability exists in the rails-ujs module that allows the site's CSRF token to be sent to the wrong domain. The issue is a regression of a previously fixed vulnerability. When an attacker can control the href attribute of an anchor tag that rails-ujs handles (for example a link rendered with a data-method attribute) or the action attribute of a form tag, rails-ujs triggers the POST and attaches the authenticity token to it, so the token is submitted to a cross-origin URL under the attacker's control. An attacker who obtains a victim's valid token can then forge state-changing requests against the application on that victim's behalf.

Recommendations For versions prior to 5.2.4.3 and 6.0.3.1, update to a fixed version: rails >= 5.2.4.3 on the 5.2 branch or rails >= 6.0.3.1 on the 6.0 branch. The fixed rails-ujs only attaches the CSRF token when the target URL is same-origin. As a temporary workaround, change any code that lets users control the href attribute of an anchor tag or the action attribute of a form tag so that it passes only the parameters the route needs rather than the whole params hash; for example, replace `report_path(params)` with `report_path(id: params[:id])`, so that a user-supplied absolute URL cannot become the link target.
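The following is an added example, not code from rails-ujs or from this advisory. It models the behaviour the Description and Recommendations above discuss: how a data-method link whose href is attacker-controlled turns into a hidden form that carries the authenticity token, and the same-origin check (modelled on rails-ujs's isCrossDomain, using the standard URL class) that the fixed versions apply before attaching the token. The page origin, token value and link targets are constructed for the example; nothing is sent anywhere.

```javascript
// Added example (not rails-ujs source): why a user-controlled href on a
// data-method link leaked the CSRF token before 5.2.4.3 / 6.0.3.1, and the
// same-origin check the fixed versions apply. Runs under Node (global URL).

// Constructed page state: the origin the app is served from and the token
// that csrf_meta_tags would place in <meta name="csrf-token">.
const PAGE_ORIGIN = 'https://app.example';
const PAGE_HREF = PAGE_ORIGIN + '/reports';
const CSRF_PARAM = 'authenticity_token';
const CSRF_TOKEN = 'constructed-token-value';

// Same-origin test modelled on rails-ujs's isCrossDomain: resolve the link
// target against the current page and compare scheme + host + port.
// Anything that fails to parse, or has an opaque origin (javascript:, data:),
// is treated as cross-domain so the token is never attached on a doubtful target.
function isCrossDomain(href, pageHref = PAGE_HREF) {
  let target;
  try {
    target = new URL(href, pageHref);
  } catch (e) {
    return true;
  }
  return target.origin !== new URL(pageHref).origin;
}

// Vulnerable behaviour: every data-method link becomes a hidden form that
// carries the token, regardless of where the form posts. If an attacker can
// choose href, the victim's browser posts the token to the attacker's server.
function buildMethodFormVulnerable(href, method) {
  return {
    action: href,
    fields: { _method: method, [CSRF_PARAM]: CSRF_TOKEN },
  };
}

// Fixed behaviour: the token is only added when the action is same-origin.
// A cross-origin target still gets a plain POST with _method, as a normal
// link would, but nothing secret leaves the application's origin.
function buildMethodFormFixed(href, method) {
  const fields = { _method: method };
  if (!isCrossDomain(href)) {
    fields[CSRF_PARAM] = CSRF_TOKEN;
  }
  return { action: href, fields };
}

// Does the generated form carry the token to a foreign origin?
function tokenLeaks(builder, href) {
  const form = builder(href, 'post');
  return isCrossDomain(form.action) && CSRF_PARAM in form.fields;
}

// Constructed inputs: a legitimate in-app link, then targets an attacker could
// smuggle in via something like report_path(params) carrying an absolute URL.
const CASES = [
  '/reports/42/archive',
  'https://app.example/reports/42/archive',
  'https://evil.example/collect',
  '//evil.example/collect',
  'javascript:void(0)',
  'http://[not-a-url',
];

for (const href of CASES) {
  console.log(
    href,
    '| vulnerable leaks:', tokenLeaks(buildMethodFormVulnerable, href),
    '| fixed leaks:', tokenLeaks(buildMethodFormFixed, href)
  );
}
```

The protocol-relative form `//evil.example/collect` is the case to remember when reviewing user-controlled hrefs: it looks like a path but resolves to a foreign origin, which is why the check resolves the target against the page URL instead of inspecting the string.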

CSRF

Weakness Enumeration

Related Identifiers

ALSA-2025_16880
ALT-PU-2020-2321
ALT-PU-2021-2595
ALT-PU-2023-4268
ALT-PU-2024-7814
BDU:2025-08593
CVE-2020-8167
DSA-4766-1
GHSA-XQ5J-GW7F-JGJ8
OPENSUSE-SU-2020:1993-1
OPENSUSE-SU-2020:2000-1
OPENSUSE-SU-2024:10589-1
OPENSUSE-SU-2024:11320-1
OPENSUSE-SU-2024:11321-1
OPENSUSE-SU-2024:11823-1
RHSA-2021:1313
SUSE-SU-2020:3036-1
SUSE-SU-2020:3147-1
SUSE-SU-2020:3160-1
SUSE-SU-2023:2059-1

Affected Products

Alt Linux
Red Os
Suse
Rails