製品・ソフトウェアに関する情報

JVN脆弱性詳細

CakePHP における CSRF 保護メカニズムを回避される脆弱性

タイトル	CakePHP における CSRF 保護メカニズムを回避される脆弱性
概要	CakePHP には、CSRF 保護メカニズムを回避される脆弱性が存在します。
想定される影響	第三者により、_method パラメータを介して、CSRF 保護メカニズムを回避される可能性があります。
対策	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
公表日	2015年11月29日0:00
登録日	2016年1月29日11:45
最終更新日	2016年1月29日11:45

CVSS2.0 : 警告
スコア	6.8
ベクター	AV:N/AC:M/Au:N/C:P/I:P/A:P

影響を受けるシステム

Cake Software Foundation

CakePHP 2.x

CakePHP 3.1.5 未満の 3.x

CakePHP 2.x

CakePHP 3.1.5 未満の 3.x

CVE (情報セキュリティ共通脆弱性識別子)

No	名前	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2015-8379	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8379
2	CVE-2015-8379	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8379
National Vulnerability Database (NVD)
3	CVE-2015-8379	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8379
4	CVE-2015-8379	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8379

CWE (共通脆弱性タイプ一覧)

No	名前	URL
JVNDB
1	CWE-352	https://jvndb.jvn.jp/ja/cwe/CWE-352.html
2	CWE-352	https://jvndb.jvn.jp/ja/cwe/CWE-352.html

ベンダー情報

No	名前	URL
CakePHP
1	CakePHP 3.1.5 Released	http://bakery.cakephp.org/2015/11/29/cakephp_315_released.html
2	CakePHP 3.1.5 Released	http://bakery.cakephp.org/2015/11/29/cakephp_315_released.html
GitHub
3	Only allow GET, HEAD, OPTIONS to not have CSRF tokens.	https://github.com/cakephp/cakephp/commit/0f818a23a876c01429196bf7623e1e94a50230f0
4	Only allow GET, HEAD, OPTIONS to not have CSRF tokens.	https://github.com/cakephp/cakephp/commit/0f818a23a876c01429196bf7623e1e94a50230f0

変更履歴

No	変更内容	変更日
0	[2016年01月29日] 掲載	2018年2月17日10:37
0	[2016年01月29日] 掲載	2018年2月17日10:37

NVD脆弱性情報

CVE-2015-8379

概要	CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF protection mechanism via the _method parameter.
公表日	2016年1月27日4:59
登録日	2021年1月26日14:58
最終更新日	2024年11月21日11:38

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:cakephp:cakephp:2.5.0:beta::::::
cpe:2.3:a:cakephp:cakephp:2.3.0:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.6:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.4.9:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.6:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.8:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.0:dev2::::::
cpe:2.3:a:cakephp:cakephp:2.5.9:::::::*
cpe:2.3:a:cakephp:cakephp:3.1.0:beta1::::::
cpe:2.3:a:cakephp:cakephp:2.7.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.1:::::::*
cpe:2.3:a:cakephp:cakephp:2.7.9:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.0:beta::::::
cpe:2.3:a:cakephp:cakephp:2.3.10:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.8:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.3:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.9:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.9:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.0:beta::::::
cpe:2.3:a:cakephp:cakephp:2.1.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.12:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.2:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.1:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.0:rc3::::::
cpe:2.3:a:cakephp:cakephp:2.7.2:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.0:beta::::::
cpe:2.3:a:cakephp:cakephp:2.0.2:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.0:beta3::::::
cpe:2.3:a:cakephp:cakephp:2.2.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.1.3:::::::*
cpe:2.3:a:cakephp:cakephp:3.1.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.11:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.6:::::::*
cpe:2.3:a:cakephp:cakephp:2.1.0:beta::::::
cpe:2.3:a:cakephp:cakephp:3.0.12:::::::*
cpe:2.3:a:cakephp:cakephp:2.7.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.1:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.0:beta1::::::
cpe:2.3:a:cakephp:cakephp:2.4.7:::::::*
cpe:2.3:a:cakephp:cakephp:2.1.0:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.4:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.15:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.0:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.6:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.0:alpha1::::::
cpe:2.3:a:cakephp:cakephp:2.4.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.6.9:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.0:rc2::::::
cpe:2.3:a:cakephp:cakephp:2.3.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.1:::::::*
cpe:2.3:a:cakephp:cakephp:2.7.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.6.2:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:3.1.1:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.0:rc2::::::
cpe:2.3:a:cakephp:cakephp:2.7.8:::::::*
cpe:2.3:a:cakephp:cakephp:2.1.1:::::::*
cpe:2.3:a:cakephp:cakephp:2.1.0:alpha::::::
cpe:2.3:a:cakephp:cakephp:2.5.0:rc2::::::
cpe:2.3:a:cakephp:cakephp:2.0.6:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.0:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.10:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.0:rc2::::::
cpe:2.3:a:cakephp:cakephp:2.4.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.10:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.7:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.0:beta::::::
cpe:2.3:a:cakephp:cakephp:2.1.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.9:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.7:::::::*
cpe:2.3:a:cakephp:cakephp:2.1.2:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.8:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.8:::::::*
cpe:2.3:a:cakephp:cakephp:2.7.0:::::::*
cpe:2.3:a:cakephp:cakephp:2.7.4:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.14:::::::*
cpe:2.3:a:cakephp:cakephp:3.1.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.2:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.1:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.0:alpha2::::::
cpe:2.3:a:cakephp:cakephp:2.7.1:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.1:::::::*
cpe:2.3:a:cakephp:cakephp:2.1.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:3.0.0:dev1::::::
cpe:2.3:a:cakephp:cakephp:3.0.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.6.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.6:::::::*
cpe:2.3:a:cakephp:cakephp:2.7.7:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.5:::::::*
cpe:2.3:a:cakephp:cakephp:3.1.2:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.11:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.0:dev::::::
cpe:2.3:a:cakephp:cakephp:2.4.0:rc2::::::
cpe:2.3:a:cakephp:cakephp:3.0.13:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.6:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.6.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.8:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.3.1:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.7:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.2:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.0:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.8:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.2:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.0:dev3::::::
cpe:2.3:a:cakephp:cakephp:2.3.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.0:rc2::::::
cpe:2.3:a:cakephp:cakephp:3.0.0:::::::*
cpe:2.3:a:cakephp:cakephp:2.8.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.0.0:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.7:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.7:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.10:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.0:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.0:beta::::::
cpe:2.3:a:cakephp:cakephp:3.0.0:beta2::::::
cpe:2.3:a:cakephp:cakephp:2.0.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:3.1.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.4.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.0:alpha::::::
cpe:2.3:a:cakephp:cakephp:2.7.6:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.2:::::::*
cpe:2.3:a:cakephp:cakephp:3.1.0:beta2::::::
cpe:2.3:a:cakephp:cakephp:3.1.0:::::::*

構成1	以上	以下	より上	未満
cpe:2.3:a:cakephp:cakephp:2.5.0:beta::::::
cpe:2.3:a:cakephp:cakephp:2.3.0:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.6:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.4.9:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.6:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.8:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.0:dev2::::::
cpe:2.3:a:cakephp:cakephp:2.5.9:::::::*
cpe:2.3:a:cakephp:cakephp:3.1.0:beta1::::::
cpe:2.3:a:cakephp:cakephp:2.7.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.1:::::::*
cpe:2.3:a:cakephp:cakephp:2.7.9:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.0:beta::::::
cpe:2.3:a:cakephp:cakephp:2.3.10:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.8:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.3:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.9:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.9:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.0:beta::::::
cpe:2.3:a:cakephp:cakephp:2.1.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.12:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.2:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.1:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.0:rc3::::::
cpe:2.3:a:cakephp:cakephp:2.7.2:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.0:beta::::::
cpe:2.3:a:cakephp:cakephp:2.0.2:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.0:beta3::::::
cpe:2.3:a:cakephp:cakephp:2.2.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.1.3:::::::*
cpe:2.3:a:cakephp:cakephp:3.1.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.11:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.6:::::::*
cpe:2.3:a:cakephp:cakephp:2.1.0:beta::::::
cpe:2.3:a:cakephp:cakephp:3.0.12:::::::*
cpe:2.3:a:cakephp:cakephp:2.7.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.1:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.0:beta1::::::
cpe:2.3:a:cakephp:cakephp:2.4.7:::::::*
cpe:2.3:a:cakephp:cakephp:2.1.0:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.4:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.15:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.0:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.6:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.0:alpha1::::::
cpe:2.3:a:cakephp:cakephp:2.4.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.6.9:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.0:rc2::::::
cpe:2.3:a:cakephp:cakephp:2.3.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.1:::::::*
cpe:2.3:a:cakephp:cakephp:2.7.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.6.2:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:3.1.1:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.0:rc2::::::
cpe:2.3:a:cakephp:cakephp:2.7.8:::::::*
cpe:2.3:a:cakephp:cakephp:2.1.1:::::::*
cpe:2.3:a:cakephp:cakephp:2.1.0:alpha::::::
cpe:2.3:a:cakephp:cakephp:2.5.0:rc2::::::
cpe:2.3:a:cakephp:cakephp:2.0.6:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.0:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.10:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.0:rc2::::::
cpe:2.3:a:cakephp:cakephp:2.4.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.10:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.7:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.0:beta::::::
cpe:2.3:a:cakephp:cakephp:2.1.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.9:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.7:::::::*
cpe:2.3:a:cakephp:cakephp:2.1.2:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.8:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.8:::::::*
cpe:2.3:a:cakephp:cakephp:2.7.0:::::::*
cpe:2.3:a:cakephp:cakephp:2.7.4:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.14:::::::*
cpe:2.3:a:cakephp:cakephp:3.1.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.2:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.1:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.0:alpha2::::::
cpe:2.3:a:cakephp:cakephp:2.7.1:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.1:::::::*
cpe:2.3:a:cakephp:cakephp:2.1.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:3.0.0:dev1::::::
cpe:2.3:a:cakephp:cakephp:3.0.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.6.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.6:::::::*
cpe:2.3:a:cakephp:cakephp:2.7.7:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.5:::::::*
cpe:2.3:a:cakephp:cakephp:3.1.2:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.11:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.0:dev::::::
cpe:2.3:a:cakephp:cakephp:2.4.0:rc2::::::
cpe:2.3:a:cakephp:cakephp:3.0.13:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.6:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.6.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.8:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.3.1:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.7:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.2:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.0:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.8:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.2:::::::*
cpe:2.3:a:cakephp:cakephp:3.0.0:dev3::::::
cpe:2.3:a:cakephp:cakephp:2.3.4:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.3.0:rc2::::::
cpe:2.3:a:cakephp:cakephp:3.0.0:::::::*
cpe:2.3:a:cakephp:cakephp:2.8.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.0.0:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.7:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.7:::::::*
cpe:2.3:a:cakephp:cakephp:2.6.10:::::::*
cpe:2.3:a:cakephp:cakephp:2.4.0:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.0:beta::::::
cpe:2.3:a:cakephp:cakephp:3.0.0:beta2::::::
cpe:2.3:a:cakephp:cakephp:2.0.5:::::::*
cpe:2.3:a:cakephp:cakephp:2.2.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:3.1.0:rc1::::::
cpe:2.3:a:cakephp:cakephp:2.4.3:::::::*
cpe:2.3:a:cakephp:cakephp:2.0.0:alpha::::::
cpe:2.3:a:cakephp:cakephp:2.7.6:::::::*
cpe:2.3:a:cakephp:cakephp:2.5.2:::::::*
cpe:2.3:a:cakephp:cakephp:3.1.0:beta2::::::
cpe:2.3:a:cakephp:cakephp:3.1.0:::::::*

No	URL	タグ
1	http://bakery.cakephp.org/2015/11/29/cakephp_315_released.html	Vendor Advisory
2	http://bakery.cakephp.org/2015/11/29/cakephp_315_released.html	Vendor Advisory
3	http://blog.mindedsecurity.com/2016/01/request-parameter-method-may-lead-to.html	Exploit
4	http://blog.mindedsecurity.com/2016/01/request-parameter-method-may-lead-to.html	Exploit
5	http://karmainsecurity.com/KIS-2016-01	Exploit
6	http://karmainsecurity.com/KIS-2016-01	Exploit
7	http://packetstormsecurity.com/files/135301/CakePHP-3.2.0-CSRF-Bypass.html	Exploit
8	http://packetstormsecurity.com/files/135301/CakePHP-3.2.0-CSRF-Bypass.html	Exploit
9	http://seclists.org/fulldisclosure/2016/Jan/42	Exploit
10	http://seclists.org/fulldisclosure/2016/Jan/42	Exploit
11	http://www.securityfocus.com/archive/1/537317/100/0/threaded
12	http://www.securityfocus.com/archive/1/537317/100/0/threaded
13	https://github.com/cakephp/cakephp/commit/0f818a23a876c01429196bf7623e1e94a50230f0	Patch
14	https://github.com/cakephp/cakephp/commit/0f818a23a876c01429196bf7623e1e94a50230f0	Patch

No	CWE	名前	URL
1	CWE-352	クロスサイト・リクエスト・フォージェリ（CSRF）	https://cwe.mitre.org/data/definitions/352.html
2	CWE-352	同一生成元ポリシー違反	https://cwe.mitre.org/data/definitions/346.html