Bobby McDonald

1 exploit Active since Aug 2022
CVE-2020-36599 WRITEUP CRITICAL WRITEUP
OmniAuth <1.9.2, <2.0 - Info Disclosure
lib/omniauth/failure_endpoint.rb in OmniAuth before 1.9.2 (and before 2.0) does not escape the message_key value.
CVSS 9.8