On November 7th, Chris Smith (@chrismsnz) of Insomnia Security alerted the Laravel development team to a method of bypassing the CSRF verification in Laravel 4 applications.
From: Laravel Development Blog
To patch your applications, modify the default CSRF route filter in the app/filters.php file to the following:
Note that the token comparison has been changed from a != comparison to a !== comparison. This will prevent specially crafted JSON requests from bypassing the filter.
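The difference between the two comparisons, shown as an added stand-alone example (PHP 7 or later, no Laravel required); it is not the filter code from the Laravel blog post. The function names, the sample token and the request bodies are constructed for illustration, and the constant-time `hash_equals` variant is an extra hardening step assumed here, not part of the advisory.

```php
<?php
// Added example: models the token check outside the framework.
// All names and values below are constructed for illustration.

/** Pre-patch behaviour: the filter rejected only when the values were loosely unequal. */
function tokenMatchesLoose($sessionToken, $submitted): bool
{
    return !($sessionToken != $submitted);
}

/** Patched behaviour: type and value must both match. */
function tokenMatchesStrict($sessionToken, $submitted): bool
{
    return !($sessionToken !== $submitted);
}

/** Assumed extra hardening: reject non-strings, then compare in constant time. */
function tokenMatchesHardened(string $sessionToken, $submitted): bool
{
    return is_string($submitted) && hash_equals($sessionToken, $submitted);
}

$sessionToken = 'k3Yc0nstructedSampleTokenValue0000000000'; // constructed sample

// Form posts only ever deliver strings; a JSON body keeps its declared types,
// so the value reaching the comparison may be a boolean or be absent.
$bodies = [
    'string, wrong value' => '{"_token": "wrong"}',
    'string, right value' => json_encode(['_token' => $sessionToken]),
    'JSON boolean'        => '{"_token": true}',
    'field missing'       => '{}',
];

foreach ($bodies as $label => $json) {
    $input     = json_decode($json, true);
    $submitted = $input['_token'] ?? null;
    printf(
        "%-20s loose=%-5s strict=%-5s hardened=%s\n",
        $label,
        var_export(tokenMatchesLoose($sessionToken, $submitted), true),
        var_export(tokenMatchesStrict($sessionToken, $submitted), true),
        var_export(tokenMatchesHardened($sessionToken, $submitted), true)
    );
}
```

Only the loose check accepts the non-string value, because PHP converts the session token to a boolean before comparing; the strict and hardened checks accept nothing but the exact string.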
You also need to update to v2.2.8 to receive the security fixes for CSRF on the administration/backend interface.
If you are using the CSRF protection feature of Laravel/Orchestra Platform, it is recommended that you apply this patch immediately.