309 matches found
CVE-2026-55590
CakePHP Authentication is an authentication plugin for CakePHP that can also be used in PSR-7 based applications. Prior to 2.11.1, 3.3.6, and 4.1.1, the getLoginRedirect method contains a weakness to backslash bypasses that allows redirect targets with attacker-controlled hostnames through the...
CVE-2026-55590 CakePHP: Open redirect weakness via backslash bypass
CakePHP Authentication is an authentication plugin for CakePHP that can also be used in PSR-7 based applications. Prior to 2.11.1, 3.3.6, and 4.1.1, the getLoginRedirect method contains a weakness to backslash bypasses that allows redirect targets with attacker-controlled hostnames through the...
CVE-2026-55590
CakePHP Authentication is an authentication plugin for CakePHP that can also be used in PSR-7 based applications. Prior to 2.11.1, 3.3.6, and 4.1.1, the getLoginRedirect method contains a weakness to backslash bypasses that allows redirect targets with attacker-controlled hostnames through the...
CVE-2026-55590
The CVE-2026-55590 entry concerns the CakePHP Authentication plugin (CakePHP, PSR-7 compatible) with a backslash bypass in getLoginRedirect() that enables open redirects to attacker-controlled hostnames through the redirect query parameter. Affected versions: prior to 2.11.1, 3.3.6, and 4.1.1. Th...
EUVD-2026-37807
CakePHP: View::element is missing a path containment check...
PT-2026-51293
Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description Multiple core controllers and model capture paths accept client-controlled request fields, including primary keys id and ownership or scope foreign keys such as event id, org id, user id, sharin...
CVE-2026-48820
CakePHP is a rapid development framework for PHP. In versions 4.5.11 and earlier, 4.6.0 through 4.6.3, 5.0.0 through 5.1.6, 5.2.0 through 5.2.12, and 5.3.0 through 5.3.5, View::getElementFileName does not check that the resolved element path is within the application/plugin view template paths...
CVE-2026-48820 CakePHP: View::element() is missing a path containment check
CakePHP is a rapid development framework for PHP. In versions 4.5.11 and earlier, 4.6.0 through 4.6.3, 5.0.0 through 5.1.6, 5.2.0 through 5.2.12, and 5.3.0 through 5.3.5, View::getElementFileName does not check that the resolved element path is within the application/plugin view template paths...
CVE-2026-48820
The CakePHP CVE-2026-48820 vulnerability affects View::_getElementFileName(), where the resolved element path is not validated to be within the application/plugin view template paths. This can allow crafted user-supplied data to include other PHP files on the server. Affected versions span 4.5.11...
Open Redirect
Overview Affected versions of this package are vulnerable to Open Redirect in the getLoginRedirect function. An attacker can redirect users to an attacker-controlled hostname by exploiting a backslash bypass in the redirect target. Remediation Upgrade cakephp/authentication to version 3.3.6, 4.1....
CakePHP Authentication: Open redirect weakness via backslash bypass
Impact The getLoginRedirect method contains a weakness to backslash bypasses allowing redirect targets with attacker controlled hostnames. Patches 3.3.6 and 4.1.1 contain a fix for this issue. Workarounds If you are unable to upgrade, you should consider adding application validation to the...
PT-2026-50550
Name of the Vulnerable Software and Affected Versions CakePHP versions prior to 4.5.11 CakePHP versions 4.6.0 through 4.6.3 CakePHP versions 5.0.0 through 5.1.6 CakePHP versions 5.2.0 through 5.2.12 CakePHP versions 5.3.0 through 5.3.5 Description The getElementFileName function in the View class...
EUVD-2026-36552
A mass assignment vulnerability exists in MISP’s sharing group creation endpoint. When creating a new sharing group, the controller did not remove a user-supplied id field before saving the submitted data. In CakePHP, supplying a primary key in the save data can cause a create followed by save...
CVE-2026-54360
CVE-2026-54360 affects MISP: the mass assignment in the sharing group creation flow (SharingGroupsController::add) allows an authenticated user to submit an existing group’s id, causing a create() followed by save() to update that group. This could enable takeover or alteration of sharing groups ...
CVE-2026-23643
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1...
Linux Distros Unpatched Vulnerability : CVE-2026-23643
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl method has a cross- site-scripting vulnerability via query string parameter...
Cross-site Scripting (XSS)
Overview cakephp/cakephp is a rapid development framework for PHP which uses commonly known design patterns like Associative Data Mapping, Front Controller, and MVC. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the PaginatorHelper::limitControl function. An...
CVE-2026-23643
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1...
DEBIAN-CVE-2026-23643
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1...
CVE-2026-23643
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1...