SSD Advisory – CakePHP Multiple Vulnerabilities
Vulnerability Description The following advisory describes two (2) different vulnerabilities. One related to CakePHP framework and the other in a product that uses the CakePHP framework: CakePHP Arbitrary Source Address Spoofing Croogo ACL Bypass Credit An independent security researcher Dawid Golunski (https://legalhackers.com/) has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program
