Search by 
cakephp/cakephp Security Advisories for 2.9.8 (2)
-
CakePHP might allow remote attackers to bypass CSRF protection mechanism via the _method parameter
Affected version: >=2.0.0-alpha,<3.1.5
Reported by:
GitHub -
Reported by:
GitHub