Security Advisories - cakephp/cakephp - Packagist

cakephp/cakephp Security Advisories for 4.0.0-beta1 (2)

CakePHP allows method override parameters to bypass CSRF checks

CVE-2020-35239

Affected version: >=4.1.0,<4.1.4|>=4.0.0,<4.0.10

Reported by:
GitHub
Cross-Site Request Forgery in CakePHP

CVE-2020-15400

Affected version: <3.10.3|>=4.0.0,<4.0.6

Reported by:
GitHub