CVE-2023-22727

CakePHP is a development framework for PHP web apps. In affected versions the `Cake\Database\Query::limit()` and `Cake\Database\Query::offset()` methods are vulnerable to SQL injection if passed un-sanitized user request data. This issue has been fixed in 4.2.12, 4.3.11, 4.4.10. Users are advised to upgrade. Users unable to upgrade may mitigate this issue by using CakePHP's Pagination library. Manually validating or casting parameters to these methods will also mitigate the issue.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cakephp:cakephp:*:*:*:*:*:*:*:*
cpe:2.3:a:cakephp:cakephp:*:*:*:*:*:*:*:*
cpe:2.3:a:cakephp:cakephp:*:*:*:*:*:*:*:*

History

25 Jan 2023, 02:23

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CPE cpe:2.3:a:cakephp:cakephp:*:*:*:*:*:*:*:*
First Time Cakephp
Cakephp cakephp
References (MISC) https://github.com/cakephp/cakephp/security/advisories/GHSA-6g8q-qfpv-57wp - (MISC) https://github.com/cakephp/cakephp/security/advisories/GHSA-6g8q-qfpv-57wp - Third Party Advisory
References (MISC) https://bakery.cakephp.org/2023/01/06/cakephp_4211_4311_4410_released.html - (MISC) https://bakery.cakephp.org/2023/01/06/cakephp_4211_4311_4410_released.html - Release Notes, Vendor Advisory
References (MISC) https://github.com/cakephp/cakephp/commit/3f463e7084b5a15e67205ced3a622577cca7a239 - (MISC) https://github.com/cakephp/cakephp/commit/3f463e7084b5a15e67205ced3a622577cca7a239 - Patch, Third Party Advisory

17 Jan 2023, 23:01

Type Values Removed Values Added
New CVE

Information

Published : 2023-01-17 21:15

Updated : 2023-01-25 02:23


NVD link : CVE-2023-22727

Mitre link : CVE-2023-22727


JSON object : View

Products Affected

cakephp

  • cakephp
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')