Vulnerability Description
CakePHP is a development framework for PHP web applications. In affected versions, the `Cake\Database\Query::limit()` and `Cake\Database\Query::offset()` methods are vulnerable to SQL injection when they are passed unsanitized user request data (for example, a raw `?limit=` or `?offset=` query-string value). The issue is fixed in CakePHP 4.2.12, 4.3.11 and 4.4.10; users are advised to upgrade. Users who cannot upgrade can mitigate the issue by using CakePHP's Pagination library instead of calling `limit()`/`offset()` with request data directly, or by validating or casting the parameters to integers before passing them to these methods.
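The following is an added illustration, not CakePHP's own code and not the patched implementation: a minimal, hypothetical query builder (`NaiveQuery`) that appends `LIMIT`/`OFFSET` by string interpolation, which is the failure mode the advisory describes, alongside a hypothetical `safePageParam()` helper that applies the "validate or cast" mitigation before any value reaches the builder. The request array is constructed sample input.

```php
<?php
// Added example (not CakePHP code). NaiveQuery is a hypothetical builder that
// interpolates limit/offset values into SQL; safePageParam() is a hypothetical
// validation helper showing the "validate or cast to int" mitigation.
declare(strict_types=1);

final class NaiveQuery
{
    private string $sql;

    public function __construct(string $base)
    {
        $this->sql = $base;
    }

    // Vulnerable pattern: the argument is concatenated into the SQL verbatim,
    // so a string from the request becomes part of the statement.
    public function limit($limit): self
    {
        $this->sql .= ' LIMIT ' . $limit;
        return $this;
    }

    public function offset($offset): self
    {
        $this->sql .= ' OFFSET ' . $offset;
        return $this;
    }

    public function sql(): string
    {
        return $this->sql;
    }
}

// Mitigation: accept only a non-negative integer (int or all-digit string),
// clamp it to a sane range, and fall back to a default for anything else.
// \z (not $) so a trailing newline cannot slip past the check.
function safePageParam($value, int $default, int $max): int
{
    if (is_int($value)) {
        $n = $value;
    } elseif (is_string($value) && preg_match('/^\d{1,9}\z/', $value) === 1) {
        $n = (int) $value;
    } else {
        return $default; // reject rather than guess; throwing is also reasonable
    }
    return min(max($n, 0), $max);
}

// Constructed request data: what ?limit=...&offset=... could deliver. The limit
// value is attacker-controlled text, not a number.
$request = [
    'limit'  => '10 UNION SELECT username, password FROM users',
    'offset' => '0',
];

// Unsafe: the attacker's text is now part of the statement.
$vulnerable = (new NaiveQuery('SELECT id, title FROM articles'))
    ->limit($request['limit'])
    ->offset($request['offset']);
echo $vulnerable->sql(), PHP_EOL;

// Safe: only validated integers reach limit()/offset(); the tampered limit
// is replaced by the default page size of 20.
$hardened = (new NaiveQuery('SELECT id, title FROM articles'))
    ->limit(safePageParam($request['limit'], 20, 100))
    ->offset(safePageParam($request['offset'], 0, PHP_INT_MAX));
echo $hardened->sql(), PHP_EOL;
```

Running the script prints the tampered statement first (the `UNION SELECT` text appears inside it) and the clean `LIMIT 20 OFFSET 0` statement second. A bare `(int)` cast also works as the advisory notes, because PHP's cast takes only the leading numeric prefix of a string, but explicit validation with a range clamp is preferable since it rejects rather than silently reinterprets bad input. In a CakePHP 4 controller the equivalent is either `$this->paginate($this->Articles)` (the Pagination library handles `limit`/`page` from the request) or, when calling the query builder directly, `->limit((int) $this->request->getQuery('limit'))` after validating the value.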
CVSS Score
9.8 (CRITICAL)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cakephp | Cakephp | >= 4.2.0, < 4.2.12 |
| Cakephp | Cakephp | 4.3.x, < 4.3.11 |
| Cakephp | Cakephp | 4.4.x, < 4.4.10 |
Related Weaknesses (CWE)
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
References
- https://bakery.cakephp.org/2023/01/06/cakephp_4211_4311_4410_released.html (Release Notes, Vendor Advisory)
- https://github.com/cakephp/cakephp/commit/3f463e7084b5a15e67205ced3a622577cca7a2 (Patch, Third Party Advisory)
- https://github.com/cakephp/cakephp/security/advisories/GHSA-6g8q-qfpv-57wp (Third Party Advisory)
FAQ
What is CVE-2023-22727?
CVE-2023-22727 is a vulnerability with a CVSS score of 9.8 (CRITICAL). CakePHP is a development framework for PHP web applications. In affected versions the `Cake\Database\Query::limit()` and `Cake\Database\Query::offset()` methods are vulnerable to SQL injection if passed unsanitized user request data.
How severe is CVE-2023-22727?
CVE-2023-22727 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-22727?
Yes. The issue is fixed in CakePHP 4.2.12, 4.3.11 and 4.4.10; see the references section above for the vendor release notes, the GitHub security advisory and the fixing commit. The affected product is CakePHP (vendor Cakephp, product Cakephp).