CVE-2021-28490
In OWASP CSRFGuard (through 3.1.0), a CSRF vulnerability exists where the CSRF cookie can be retrieved using only a session token. This results from the cookie handling logic enabling CSRF token exposure via a session token, enabling CSRF attacks under network conditions with no authentication re...