Описание
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl() method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/xenial | needs-triage | |
| jammy | needs-triage | |
| noble | DNE | |
| questing | DNE | |
| upstream | needs-triage |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 5%
0.00021
Низкий
5.4 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.4
nvd
3 месяца назад
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl() method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1.
CVSS3: 5.4
debian
3 месяца назад
CakePHP is a rapid development framework for PHP. The PaginatorHelper: ...
CVSS3: 5.4
github
3 месяца назад
CakePHP PaginatorHelper::limitControl() vulnerable to reflected cross-site-scripting
EPSS
Процентиль: 5%
0.00021
Низкий
5.4 Medium
CVSS3