Route Validation Bypasscall
Affected versions of
call do not validate empty parameters, which may result in a bypass of route validation rules.
Proof of Concept
Triggering Request Path:
Update to version 3.0.2 or later.
Have content suggestions? Send them to [email protected]
publishedAdvisory publishedJul 5th, 2016
reportedInitial report by Nicolas MorelJul 5th, 2016