2 matches found
CVE-2025-65961
creationtimestamp| type| source ---|---|--- 2025-11-25 22:10:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6iea5sfvy2b...
CVE-2025-65961 Contao is vulnerable to cross-site scripting in templates
Contao is an Open Source CMS. From version 4.0.0 to before 4.13.57, before 5.3.42, and before 5.6.5, it is possible to inject code into the template output that will be executed in the browser in the front end and back end. This issue has been patched in versions 4.13.57, 5.3.42, and 5.6.5. A...