Security Advisory

CVE-2026-23643

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-16 20:38:45

Last updated 2026-01-16 21:21:56

Assigner GitHub_M

State PUBLISHED

Description

CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl() method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1.

← Browse all CVEs View on cve.org ↗