News from Laravel blog
On November 7th, Chris Smith (@chrismsnz) of Insomnia Security alerted the Laravel development team of a method of bypassing the CSRF verification in Laravel 4 applications.
To patch your applications, modify the default CSRF route filter in the app/filters.php file to the following:
Route::filter('csrf', function()
{
    // Strict (!==) comparison: the submitted token must be a string identical
    // to the session token; a value of any other type can never match.
    if (Session::token() !== Input::get('_token'))
    {
        throw new Illuminate\Session\TokenMismatchException;
    }
});
Note that the token comparison has been changed from a != comparison to a !== comparison. The loose != operator applies PHP's type juggling, so a submitted value of a different type can compare as equal to the session token; the strict !== operator requires both the same type and the same value. This will prevent specially crafted JSON requests from bypassing the filter. If you are using the CSRF protection feature of Laravel, it is recommended that you apply this patch immediately.