[HIGH] CVE-2019-12437: Cross Site Request Forgery (CSRF) Protection Bypass in GraphQL

PKSA-34zg-y8wx-jgc2 CVE-2019-12437 GHSA-fx37-56v6-85q6

Affected package: silverstripe/graphql

Affected version: >=2.0.0,<2.0.5|>=3.0.0,<3.1.2|>=3.1.0,<3.1.2

Reported by:
GitHub, FriendsOfPHP/security-advisories