3 matches found
CVE-2015-1786
Cross-site request forgery CSRF vulnerability in Zend/Validator/Csrf in Zend Framework 2.3.x before 2.3.6 via null or malformed token identifiers...
CVE-2015-1786
CVE-2015-1786 : A CSRF vulnerability in Zend Framework 2.3.x (Zend/Validator/Csrf) before 2.3.6 arises from handling of token identifiers that can be null or malformed. This could allow an attacker to forge requests and perform unauthorized actions on behalf of a user. Affected software: Zend Fra...
CVE-2015-1786
Cross-site request forgery CSRF vulnerability in Zend/Validator/Csrf in Zend Framework 2.3.x before 2.3.6 via null or malformed token identifiers...