Description
Cross-site scripting (XSS) vulnerability in cake/libs/error.php in CakePHP before 1.1.7.3363 allows remote attackers to inject arbitrary web script or HTML via the URL, which is reflected back in a 404 ("Not Found") error page. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP SVG Icons Multiple Unspecified Vulnerabilities (3.1.8.1)
Angular Inefficient Regular Expression Complexity Vulnerability (CVE-2024-21490)
osTicket Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2019-14749)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2246)