PT-2023-4480 · Google +3 · Google Chrome +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 116.0.5845.96 Description: The issue is related to insufficient validation of untrusted input in XML, allowing a remote attacker to bypass file access restrictions via a crafted HTML page. This can impact the...

MGASA-2016-0044 Updated cakephp package fixes security vulnerability

CakePHP, an open-source web application framework for PHP, was vulnerable to SSRF Server Side Request Forgery attacks. Remote attacker can utilize it for at least DoS Denial of Service attacks, if the target application accepts XML as an input. It is caused by insecure design of Cake's Xml class...