AI Score
Confidence
High
EPSS
Percentile
38.7%
Contao before 4.4.52, 4.9.x before 4.9.6, and 4.10.x before 4.10.1 have Improper Input Validation. It is possible to inject insert tags in front end forms which will be replaced when the page is rendered.
community.contao.org/en/forumdisplay.php?4-Announcements
contao.org/en/security-advisories/insert-tag-injection-in-forms.html