[HIGH] CakePHP might allow remote attackers to bypass CSRF protection mechanism via the _method parameter

PKSA-hv96-tqmc-t3j9 CVE-2015-8379 GHSA-556q-h4vr-pgh2

Affected package: cakephp/cakephp

Affected version: >=2.0.0-alpha,<3.1.5

Reported by:
GitHub