diff --git a/Gemfile b/Gemfile
index a194a6c76..ef7064d70 100644
--- a/Gemfile
+++ b/Gemfile
@@ -24,6 +24,9 @@ gem 'yomu'
 gem 'doorkeeper', '>= 4.6'
 gem 'omniauth'
 gem 'omniauth-linkedin-oauth2'
+
+# TODO: remove this when omniauth gem resolves CVE issues
+# Prevents CVE-2015-9284 (https://github.com/omniauth/omniauth/wiki/FAQ#cve-2015-9284-warnings)
 gem 'omniauth-rails_csrf_protection', '~> 0.1'
 # Gems for API implementation
diff --git a/Gemfile.lock b/Gemfile.lock
index a50b2e6a9..ccf2ab9c9 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -353,6 +353,9 @@ GEM
 omniauth-oauth2 (1.6.0)
 oauth2 (~> 1.1)
 omniauth (~> 1.9)
+ omniauth-rails_csrf_protection (0.1.2)
+ actionpack (>= 4.2)
+ omniauth (>= 1.3.1)
 orm_adapter (0.5.0)
 overcommit (0.47.0)
 childprocess (~> 0.6, >= 0.6.3)
@@ -627,6 +630,7 @@ DEPENDENCIES
 nokogiri (~> 1.10.3)
 omniauth
 omniauth-linkedin-oauth2
+ omniauth-rails_csrf_protection (~> 0.1)
 overcommit
 paperclip (~> 6.1)
 pg (~> 1.1.4)
diff --git a/app/views/users/shared/_links.html.erb b/app/views/users/shared/_links.html.erb
index 4a1e5a63d..91f2fec81 100644
--- a/app/views/users/shared/_links.html.erb
+++ b/app/views/users/shared/_links.html.erb
@@ -27,7 +27,7 @@
 <%- if Rails.configuration.x.enable_user_registration && Rails.configuration.x.linkedin_signin_enabled && @oauth_authorize != true %>
 <%- if devise_mapping.omniauthable? && resource_class.omniauth_providers.any? && controller_name != 'registrations' %>
-<%= link_to omniauth_authorize_path(resource_name, :linkedin), method: :post :title => "Sign in with LinkedIn" do %>
+<%= link_to omniauth_authorize_path(resource_name, :linkedin), method: :post, :title => "Sign in with LinkedIn" do %>
 <%= image_tag('linkedin/Sign-in-Large---Default.png', class: 'linkedin-signin-button', alt: "Sign in with LinkedIn",
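Review bot: The added TODO above `gem 'omniauth-rails_csrf_protection'` in the Gemfile hunk presents the gem as a stopgap to drop once "omniauth gem resolves CVE issues", but in this application it is the component that verifies the Rails authenticity token on the OmniAuth request phase, so removing it would reopen CVE-2015-9284 unless the app itself restricts that phase to POST and checks the token; as far as I know the omniauth maintainers still direct Rails apps to this gem even on current omniauth releases, so the comment should say what the gem protects rather than when to remove it. Suggested wording: `# Verifies the Rails CSRF token on the OmniAuth request phase (CVE-2015-9284, see the omniauth FAQ link).` followed by `# Keep this as long as sign-in links POST to omniauth_authorize_path; link_to method: :post relies on rails-ujs being loaded.` Separately, `gem 'omniauth'` on the context line carries no version constraint, and the lockfile hunk shows the new gem only requires `omniauth (>= 1.3.1)`, so the resolved omniauth line is effectively pinned by omniauth-oauth2's `~> 1.9` alone; if the CSRF behaviour is expected to hold across upgrades, a constraint on `omniauth` itself would make that intent visible.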