Description
CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF protection mechanism via the _method parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Qiniu Uploader Cross-Site Scripting (0.1)
Grafana CVE-2021-27358 Vulnerability (CVE-2021-27358)
OpenSSL Cryptographic Issues Vulnerability (CVE-2015-0204)
WordPress Plugin Stock market charts from finviz Cross-Site Scripting (1.0)
WordPress Plugin Google Maps CP Cross-Site Scripting (1.0.3)