AI Score
Confidence
Low
EPSS
Percentile
21.6%
CakePHP before 4.0.6 mishandles CSRF token generation. This might be remotely exploitable in conjunction with XSS.
bakery.cakephp.org/2020/04/18/cakephp_406_released.html