[HIGH] SecurityComponent cross form submission issue

PKSA-qkmw-z6y6-8rt4 GHSA-q79m-c546-2g63

Affected package: cakephp/cakephp

Affected version: >=2.0.0,<2.4.8|>=1.3.0,<1.3.18

Reported by:
FriendsOfPHP/security-advisories, GitHub