jleehr/canto-saas-api
php · jleehr/canto-saas-apiHeads-up
jleehr/canto-saas-api: Unencoded path variables in Request::buildRequestUrl()
Request::buildRequestUrl() inserts path variables without URL encoding, enabling path traversal or injection.
20 Jun 2026 · schedule it
php · jleehr/canto-saas-apiHeads-up
jleehr/canto-saas-api: OAuth2 token request now uses form-encoded POST body, exception messages sanitized
OAuth2 token request now sends credentials in form-encoded POST body instead of URL query parameters; exception messages are sanit
20 Jun 2026 · schedule it