Security Bypass Affecting com.typesafe.play:play_2.11 Open this link in a new tab package, versions [2.6.0-M1,2.7.5)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
19 Aug 2020
18 Aug 2020
Kevin Joensen (Doyensec)
How to fix?
com.typesafe.play:play_2.11 to version 2.7.5 or higher.
Affected versions of this package are vulnerable to Security Bypass. In some situations, Play’s contentType.blackList for Cross-Site Request Forgery (CSRF) protection could be bypassed by sending a malformed Content-Type.