GMS-2023-68: Cross-Site Request Forgery (CSRF)

January 20, 2023

Cross-Site Request Forgery (CSRF) in cakephp/cakephp.

References

bakery.cakephp.org/2015/05/07/cakephp_3_0_4_released.html
github.com/FriendsOfPHP/security-advisories/blob/master/cakephp/cakephp/2015-05-07.yaml
github.com/advisories/GHSA-829q-v5g8-hhxc
github.com/cakephp/cakephp/commit/522ed2f1fb49b00001c1ef8815a6feda790d61dd

Detect and mitigate GMS-2023-68 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →