[HIGH] The CSRF token check can be bypassed

PKSA-gf4r-bjyy-3fwt CVE-2019-10642 GHSA-hwmh-9jj9-8c9c

Affected package: contao/core-bundle

Affected version: >=4.7.0,<4.7.3

Reported by:
FriendsOfPHP/security-advisories, GitHub