Description
Devise is a flexible authentication solution for Rails based on Warden. Devise is vulnerable to a password reset exploit leveraging type confusion. Using a specially crafted request, an attacker could trick the database type conversion code to return incorrect records. For some token values this could allow an attacker to bypass the proper checks and gain control of other accounts.
Remediation
Upgrade to the latest version of Devise (this issue was fixed in v2.2.3, v2.1.3, v2.0.5 and v1.5.4).
References
Related Vulnerabilities
WordPress Plugin CardGate Payments for WooCommerce Security Bypass (3.1.15)
WordPress Plugin Comment Rating SQL Injection and Security Bypass Weakness Vulnerabilities (2.9.32)
WordPress Plugin WP Support Plus Responsive Ticket System Security Bypass (7.1.4)
WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Security Bypass (2.0.15)
WordPress Plugin Content Aware Sidebars-Unlimited Widget Areas Security Bypass (3.8)