In OWASP CSRFGuard through 3.1.0, CSRF can occur because the CSRF cookie may be retrieved by using only a session token.Referenceshttps://owasp.org/www-project-csrfguard/https://github.com/reidmefirst/vuln-disclosure/blob/main/2021-01.txt
