Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-12480

Disclosure Date: August 17, 2020 (last updated February 22, 2025)
In Play Framework 2.6.0 through 2.8.1, the CSRF filter can be bypassed by making CORS simple requests with content types that contain parameters that can't be parsed.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0