cakephp/cakephp Security Advisories for 4.3.10 (2)
-
[MEDIUM] CakePHP: View::element() is missing a path containment check
PKSA-wx2k-k564-z67n CVE-2026-48820 GHSA-wpvj-hjcr-h3p2
Affected version: <4.5.11|>=4.6.0,<4.6.4|>=5.0.0,<5.1.7|>=5.2.0,<5.2.13|>=5.3.0,<5.3.6
Reported by:
GitHub -
[CRITICAL] CakePHP Database\\Query::offset() and limit() methods are vulnerable to SQL injection
PKSA-jbfd-4v7c-qszc CVE-2023-22727 GHSA-6g8q-qfpv-57wp
Affected version: >=4.4.0,<4.4.10|>=4.3.0,<4.3.11|>=4.2.0,<4.2.12
Reported by:
GitHub