[CVE-2026-23643] [CakePHP]The PaginatorHelper::limitControl() method has a cross-site-scripting vulnerability via query string parameter manipulation.

January 17, 2026 00:01:04
[CVE-2026-23643] [CakePHP]The PaginatorHelper::limitControl() method has a cross-site-scripting vulnerability via query string parameter manipulation.
The Daily Cyberspace Information
[CVE-2026-23643] [CakePHP]The PaginatorHelper::limitControl() method has a cross-site-scripting vulnerability via query string parameter manipulation.

Jan 17 2026 | 00:01:04

/

Show Notes

[CVE-2026-23643] CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl() method has a cross-site-scripting vulnerability via query string parameter manipulation.

Previous Episode

Other Episodes

Episode

January 17, 2026 00:02:51
Episode Cover

[CVE-2026-23745][node-tar library]Insufficient Link Path Sanitization

The node-tar library (Version 7.5.2 or earlier) fails to sanitize the linkpath of Link (hardlink) and SymbolicLink entries when preservePaths is false (the default...

Listen

Episode

January 08, 2026 00:00:23
Episode Cover

Authentication bypass vulnerability in OpenBlocks series

Overview OpenBlocks series provided by Plat'Home Co.,Ltd. contains an authentication bypass vulnerability. Products Affected OpenBlocks IoT DX1 (FW5.0.x) all versions prior to FW5.0.8 OpenBlocks...

Listen

Episode

January 11, 2026 00:04:17
Episode Cover

The state of cybersecurity in Japan as of January 11, 2026.

The state of cybersecurity in Japan as of January 11, 2026.

Listen