First published: Thu Mar 12 2015(Updated: )
Cross-site request forgery (CSRF) vulnerability in Zend/Validator/Csrf in Zend Framework 2.3.x before 2.3.6 via null or malformed token identifiers.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
composer/zendframework/zendframework | >=2.3.0<2.3.6 | 2.3.6 |
composer/zendframework/zend-validator | >=2.3.0<2.3.6 | |
composer/zendframework/zendframework | >=2.3.0<2.3.6 | |
Zend Zend Framework | =2.3.0 | |
Zend Zend Framework | =2.3.1 | |
Zend Zend Framework | =2.3.2 | |
Zend Zend Framework | =2.3.3 | |
Zend Zend Framework | =2.3.4 | |
Zend Zend Framework | =2.3.5 | |
redhat/Zend Framework | <2.3.6 | 2.3.6 |
=2.3.0 | ||
=2.3.1 | ||
=2.3.2 | ||
=2.3.3 | ||
=2.3.4 | ||
=2.3.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.