Invalid input to route validation rules
Vulnerable: >= 2.0.1 <3.0.2
Affected versions of
call do not validate empty parameters, which may result in a bypass of route validation rules.
Proof of Concept
Triggering Request Path:
Update to version 3.0.2 or later.