CakePHP is a development framework for PHP web apps. In affected versions the `Cake\Database\Query::limit()` and `Cake\Database\Query::offset()` methods are vulnerable to SQL injection if passed un-sanitized user request data. This issue has been fixed in 4.2.12, 4.3.11, 4.4.10. Users are advised to upgrade. Users unable to upgrade may mitigate this issue by using CakePHP's Pagination library. Manually validating or casting parameters to these methods will also mitigate the issue.
References
Link | Resource |
---|---|
https://bakery.cakephp.org/2023/01/06/cakephp_4211_4311_4410_released.html | Release Notes Vendor Advisory |
https://github.com/cakephp/cakephp/commit/3f463e7084b5a15e67205ced3a622577cca7a239 | Patch Third Party Advisory |
https://github.com/cakephp/cakephp/security/advisories/GHSA-6g8q-qfpv-57wp | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-01-17T20:41:10.143Z
Updated:
Reserved: 2023-01-06T14:21:05.890Z
Link: CVE-2023-22727
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-01-17T21:15:16.550
Modified: 2023-01-25T02:23:22.650
Link: CVE-2023-22727
JSON object: View
Redhat Information
No data.
CWE