Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-b3rg-hy66-hbe5
Vulnerability ID VCID-b3rg-hy66-hbe5
Aliases CVE-2023-22727
GHSA-6g8q-qfpv-57wp
Summary CakePHP is a development framework for PHP web apps. In affected versions the `Cake\Database\Query::limit()` and `Cake\Database\Query::offset()` methods are vulnerable to SQL injection if passed un-sanitized user request data. This issue has been fixed in 4.2.12, 4.3.11, 4.4.10. Users are advised to upgrade. Users unable to upgrade may mitigate this issue by using CakePHP's Pagination library. Manually validating or casting parameters to these methods will also mitigate the issue.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.0093 https://api.first.org/data/v1/epss?cve=CVE-2023-22727
cvssv3.1 9.8 https://bakery.cakephp.org/2023/01/06/cakephp_4211_4311_4410_released.html
generic_textual CRITICAL https://bakery.cakephp.org/2023/01/06/cakephp_4211_4311_4410_released.html
ssvc Track https://bakery.cakephp.org/2023/01/06/cakephp_4211_4311_4410_released.html
cvssv3.1_qr CRITICAL https://github.com/advisories/GHSA-6g8q-qfpv-57wp
cvssv3.1 9.8 https://github.com/cakephp/cakephp
generic_textual CRITICAL https://github.com/cakephp/cakephp
cvssv3.1 9.8 https://github.com/cakephp/cakephp/commit/3f463e7084b5a15e67205ced3a622577cca7a239
generic_textual CRITICAL https://github.com/cakephp/cakephp/commit/3f463e7084b5a15e67205ced3a622577cca7a239
ssvc Track https://github.com/cakephp/cakephp/commit/3f463e7084b5a15e67205ced3a622577cca7a239
cvssv3.1 9.8 https://github.com/cakephp/cakephp/security/advisories/GHSA-6g8q-qfpv-57wp
cvssv3.1_qr CRITICAL https://github.com/cakephp/cakephp/security/advisories/GHSA-6g8q-qfpv-57wp
generic_textual CRITICAL https://github.com/cakephp/cakephp/security/advisories/GHSA-6g8q-qfpv-57wp
ssvc Track https://github.com/cakephp/cakephp/security/advisories/GHSA-6g8q-qfpv-57wp
cvssv3.1 9.8 https://nvd.nist.gov/vuln/detail/CVE-2023-22727
generic_textual CRITICAL https://nvd.nist.gov/vuln/detail/CVE-2023-22727
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2023-22727
https://github.com/cakephp/cakephp
https://nvd.nist.gov/vuln/detail/CVE-2023-22727
3f463e7084b5a15e67205ced3a622577cca7a239 https://github.com/cakephp/cakephp/commit/3f463e7084b5a15e67205ced3a622577cca7a239
cakephp_4211_4311_4410_released.html https://bakery.cakephp.org/2023/01/06/cakephp_4211_4311_4410_released.html
GHSA-6g8q-qfpv-57wp https://github.com/advisories/GHSA-6g8q-qfpv-57wp
GHSA-6g8q-qfpv-57wp https://github.com/cakephp/cakephp/security/advisories/GHSA-6g8q-qfpv-57wp
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://bakery.cakephp.org/2023/01/06/cakephp_4211_4311_4410_released.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-10T20:59:15Z/ Found at https://bakery.cakephp.org/2023/01/06/cakephp_4211_4311_4410_released.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/cakephp/cakephp
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/cakephp/cakephp/commit/3f463e7084b5a15e67205ced3a622577cca7a239
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-10T20:59:15Z/ Found at https://github.com/cakephp/cakephp/commit/3f463e7084b5a15e67205ced3a622577cca7a239
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/cakephp/cakephp/security/advisories/GHSA-6g8q-qfpv-57wp
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-10T20:59:15Z/ Found at https://github.com/cakephp/cakephp/security/advisories/GHSA-6g8q-qfpv-57wp
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-22727
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.76559
EPSS Score 0.0093
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T17:29:24.084572+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2023/22xxx/CVE-2023-22727.json 38.6.0