Sunday, 12 May 2013

Security Fix: CakePHP 2.3.5 released

CakePHP 2.3.5 has just been released to fix a critical issue with how the webroot property in CakeRequest is handled that could potentially lead to XSS attacks on certain pages. In the following days we will offer a full description of the vulnerability and how it can be exploited, after some reasonable time has passed for our users to upgrade.
crawled from : Cakephp

No comments:

Post a Comment