GHSA-hhpq-7wg4-36jmMedium

CakePHP Authentication: Open redirect weakness via backslash bypass

Published
June 17, 2026
Last Modified
June 17, 2026

🔗 CVE IDs covered (1)

📋 Description

Impact

The getLoginRedirect() method contains a weakness to backslash bypasses allowing redirect targets with attacker controlled hostnames.

Patches

3.3.6 and 4.1.1 contain a fix for this issue.

Workarounds

If you are unable to upgrade, you should consider adding application validation to the redirect query string parameter to mitigate this vulnerability.

🎯 Affected products2

  • composer/cakephp/authentication:< 3.3.6
  • composer/cakephp/authentication:>= 4.0.0, < 4.1.1

🔗 References (2)