Vulnerabilities > Cakefoundation > Cakephp > 3.7.6

DATE CVE VULNERABILITY TITLE RISK
2020-06-30 CVE-2020-15400 Cross-Site Request Forgery (CSRF) vulnerability in Cakefoundation Cakephp
CakePHP before 4.0.6 mishandles CSRF token generation. 		4.3
4.3
2019-05-08 CVE-2019-11458 Deserialization of Untrusted Data vulnerability in Cakefoundation Cakephp 3.7.6
An issue was discovered in SmtpTransport in CakePHP 3.7.6.
network
low complexity
cakefoundation CWE-502
6.4
6.4