Security fix for XSS vulnerability

Today, a new version (1.1.7.3363) of CakePHP has been released. It fixes a XSS (cross-site scripting) vulnerability in CakePHP, you find the details in ticket #1272. So it is strongly recommended to update. You find the release on CakeForge. This release contains also the SessionHelper I wrote about in the post “New core helper: SessionHelper”.

%d bloggers like this: