Contao CSRF Token Bypass
High severity
GitHub Reviewed
Published
May 14, 2022
to the GitHub Advisory Database
•
Updated Apr 25, 2024
Description
Published by the National Vulnerability Database
Apr 17, 2019
Published to the GitHub Advisory Database
May 14, 2022
Reviewed
Apr 25, 2024
Last updated
Apr 25, 2024
Security researcher Ali Razzaq has discovered that the request token check can be bypassed in Contao 4.7
References