Cross-site request forgery (CSRF) vulnerability in Zend/Validator/Csrf in Zend Framework 2.3.x before 2.3.6 via null or malformed token identifiers.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| zendframework/zendframework(Packagist) | 2.3.0 | 2.3.6 | N/A |
CVSS Metrics
