cakephp/cakephp Security Advisories for 3.0.18 (3)
-
CakePHP might allow remote attackers to bypass CSRF protection mechanism via the _method parameter
Affected version: >=2.0.0-alpha,<3.1.5
Reported by:
GitHub -
Reported by:
GitHub -
Unsafe deserialization in SmtpTransport
Affected version: >=3.0.0,<3.5.18|>=3.6.0,<3.6.15|>=3.7.0,<3.7.7
Reported by:
FriendsOfPHP/security-advisories, GitHub