MidnightBSD

Advisories for plack::middleware::xsrfblock_project

CVE-2023-52431

The Plack::Middleware::XSRFBlock package before 0.0.19 for Perl allows attackers to bypass a CSRF protection mechanism via an empty form value and an empty cookie (if signed cookies are disabled).

Products Affected

Vendor Product Version
plack::middleware::xsrfblock_project plack::middleware::xsrfblock *