GHSA-829Q-V5G8-HHXC CakePHP has incorrect Cross-Site Request Forgery validation

CsrfComponent fails to invalidate requests that are missing both the CSRF token, and CSRF post data...

CakePHP has incorrect Cross-Site Request Forgery validation

CsrfComponent fails to invalidate requests that are missing both the CSRF token, and CSRF post data...

CakePHP 3.0.4 Released

CakePHP 3.0.4 Released The CakePHP core team is happy to announce the immediate availability of CakePHP 3.0.4. This is a maintenance release that contains security fixes and bugfixes. Security Fixes There are two issues that can impact the security of a CakePHP application: CsrfComponent fails to...