CVE-2020-12480

CVE-2020-12480

EPSS 0.5%

In Play Framework 2.6.0 through 2.8.1, the CSRF filter can be bypassed by making CORS simple requests with content types that contain parameters that can't be parsed.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.playframework.com/security/vulnerability https://www.playframework.com/security/vulnerability/CVE-2020-12480-CsrfBlacklistBypass