Security fix for XSS vulnerability

Published on and tagged with cakephp

Today, a new version (1.1.7.3363) of CakePHP has been released. It fixes a XSS (cross-site scripting) vulnerability in CakePHP, you find the details in ticket #1272. So it is strongly recommended to update. You find the release on CakeForge. This release contains also the SessionHelper I wrote about in the post “New core helper: SessionHelper”.

Bake a comment




(for code please use <code>...</code> [no escaping necessary])

© daniel hofstetter. Licensed under a Creative Commons License