Security Advisories - PKSA-cj1b-7h6y-vc5q - Packagist

PKSA-cj1b-7h6y-vc5q Security Advisory

[HIGH] CakePHPallows remote attackers to read arbitrary files via XML data containing external entity references

PKSA-cj1b-7h6y-vc5q CVE-2012-4399 GHSA-5964-pq8r-4q62

Affected package: cakephp/cakephp

Affected version: >=2.2.0-beta,<2.2.1|>=2.1.0-alpha,<2.1.5

Reported by:
GitHub