Description
CakePHP before 4.0.6 mishandles CSRF token generation. This might be remotely exploitable in conjunction with XSS.
Remediation
References