Vulnerabilities > Cakefoundation > Cakephp > 3.7.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-30 | CVE-2020-15400 | Cross-Site Request Forgery (CSRF) vulnerability in Cakefoundation Cakephp CakePHP before 4.0.6 mishandles CSRF token generation. | 4.3 |
2019-05-08 | CVE-2019-11458 | Deserialization of Untrusted Data vulnerability in Cakefoundation Cakephp 3.7.6 An issue was discovered in SmtpTransport in CakePHP 3.7.6. | 6.4 |