2020-08-17 20:45:28
mitre
PUBLISHED
In Play Framework 2.6.0 through 2.8.1, the CSRF filter can be bypassed by making CORS simple requests with content types that contain parameters that cant be parsed.