GMS-2023-72: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

January 20, 2023

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) in cakephp/cakephp.

References

bakery.cakephp.org/2018/05/20/cakephp_364_3517_3414_released.html
github.com/FriendsOfPHP/security-advisories/blob/master/cakephp/cakephp/2018-05-20.yaml
github.com/advisories/GHSA-xwhj-pqcg-8rcr
github.com/cakephp/cakephp/commit/1ea0c87de729e0dcd53eb6fe3bc86ba739121d8e

Code Behaviors & Features

Detect and mitigate GMS-2023-72 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →