Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Play Framework Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2020-12480 - Vulnerability Database
Play Framework

Play Framework Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2020-12480

Medium
Reference: CVE-2020-12480
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-12480
Title: Play Framework Cross-Site Request Forgery (CSRF) Vulnerability
Overview:

In Play Framework 2.6.0 through 2.8.1 the CSRF filter can be bypassed by making CORS simple requests with content types that contain parameters that can39t be parsed.