[HIGH] CakePHP allows method override parameters to bypass CSRF checks

PKSA-r2cj-nv22-p8zs CVE-2020-35239 GHSA-9pgx-pf36-w46r

Affected version: >=4.1.0,<4.1.4|>=4.0.0,<4.0.10

Reported by:
GitHub