2 matches found
GHSA-6HG4-VP5Q-47MW CakePHP allows direct access of prefixed controller actions
Unconventional URL paths would allow direct access to prefixed actions without setting the correct request parameters...
PT-2023-32983 · Packagist · Cakephp/Cakephp
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue allows unconventional URL paths to enable direct access to prefixed actions without correctly setting the request parameters. Recommendations: At the moment, there is no...