Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

3 advisories

Loading
CakePHP: View::element() is missing a path containment check Moderate
CVE-2026-48820 was published for cakephp/cakephp (Composer) Jun 26, 2026
z3moo Credited to z3moo, get-wright, markstory, and dereuromark get-wright get-wright
markstory markstory dereuromark dereuromark
CakePHP PaginatorHelper::limitControl() vulnerable to reflected cross-site-scripting Moderate
CVE-2026-23643 was published for cakephp/cakephp (Composer) Jan 16, 2026
phpcss-ankue Credited to phpcss-ankue and markstory markstory markstory
Cross-Site Request Forgery in CakePHP Moderate
CVE-2020-15400 was published for cakephp/cakephp (Composer) Feb 10, 2022
markstory Credited to markstory
ProTip! Advisories are also available from the GraphQL API