Vulnerabilities > Thoughtbot > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2016-3098 | Cross-Site Request Forgery (CSRF) vulnerability in Thoughtbot Administrate Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth autorization code. | 5.4 |
| 2021-09-12 | CVE-2021-23435 | Open Redirect vulnerability in Thoughtbot Clearance This affects the package clearance before 2.5.0. | 6.1 |