source: http://www.securityfocus.com/bid/37322/info Ruby on Rails is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions, gain unauthorized access to the affected application, or delete certain data. Other attacks are also possible. /** * Redmine <= 0.8.6 CSRF Add Admin User Exploit * Discovered by: p0deje (http://p0deje.blogspot.com) * Application: http://www.redmine.org/wiki/redmine/Download * SA: http://www.redmine.org/news/30 * Date: 13.11.2009 * Versions affected: <= 0.8.6 * Description: this is a simple exploit which exploits CSRF vulnerability in Redmine, it creates user account with adminstartive rights */ /** * P.S. Actually, this vulnerability wasn't fixed in Redmine 0.8.7, because token was generated one time for all the pages and allthe users. * Thus, you can add POST data with token of any user and exploit will be working again */