Cross-site scripting (XSS) vulnerability in cake/libs/error.php in CakePHP prior to 1.1.7.3363 allows remote malicious users to inject arbitrary web script or HTML via the URL, which is reflected back in a 404 ("Not Found") error page. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cakefoundation cakephp 1.1.5.3148 |
||
cakefoundation cakephp |
||
cakefoundation cakephp 1.0.1.2708 |
||
cakefoundation cakephp 1.1.3.2967 |
||
cakefoundation cakephp 1.1.4.3104 |