[HIGH] CVE-2019-12437: Cross Site Request Forgery (CSRF) Protection Bypass in GraphQL

PKSA-34zg-y8wx-jgc2 CVE-2019-12437 GHSA-fx37-56v6-85q6

Affected version: >=2.0.0,<2.0.5|>=3.0.0,<3.1.2|>=3.1.0,<3.1.2

Reported by:
GitHub, FriendsOfPHP/security-advisories

SS-2018-007: CSRF vulnerability in graphql

PKSA-c7x9-smqg-qmjv

Affected version: >=2.0.0,<2.0.3

Reported by:
FriendsOfPHP/security-advisories