6 matches found
GHSA-68Q5-78XP-CWWC Contao is vulnerable to cross-site scripting in templates
Impact: It is possible to inject code into the template output that will be executed in the browser in the front end and back end. Patches: Update to Contao 4.13.57, 5.3.42 or 5.6.5. Workarounds: Do not use the affected templates or patch them manually. Refsources...
CVE-2025-65961
Contao CMS vulnerability CVE-2025-65961 enables cross-site scripting via template output in affected templates. Affected versions: 4.0.0–4.13.57, 5.0–before 5.3.42, and before 5.6.5. Root cause: injection of code into template output executed in both front-end and back-end browsers. Mitigation/Re...
CVE-2025-65961 Contao is vulnerable to cross-site scripting in templates
Contao is an Open Source CMS. From version 4.0.0 to before 4.13.57, before 5.3.42, and before 5.6.5, it is possible to inject code into the template output that will be executed in the browser in the front end and back end. This issue has been patched in versions 4.13.57, 5.3.42, and 5.6.5. A...
CVE-2025-65960 Contao is vulnerable to remote code execution in template closures
Contao is an Open Source CMS. From version 4.0.0 to before 4.13.57, before 5.3.42, and before 5.6.5, back end users with precise control over the contents of template closures can execute arbitrary PHP functions that do not have required parameters. This issue has been patched in versions 4.13.57...
CVE-2025-65960
The CVE-2025-65960 vulnerability affects Contao CMS prior to versions 4.13.57, 5.3.42, and 5.6.5. It exploits insufficient input handling in the Template::once() method within template closures, allowing backend users with content-control privileges to execute arbitrary PHP functions that lack re...
Contao security vulnerability
Contao is an open source content management system (CMS) developed in PHP by Contao Open Source. The system supports search engines, rights management and CSS frameworks. A security vulnerability exists in Contao versions from 4.0.0 to before 4.13.57, before 5.3.42, and before 5.6.5, which stems from...