Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-2699

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.00298EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 10:34 a.m.6 views

CVE-2024-45612

Contao is an Open Source CMS. In affected versions an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page front end. Users are advised to update to Contao 4.13.49, 5.3.15 or 5.4.3. Users unable to upgrade should disable canonical tags in the root...

5.3CVSS6.8AI score0.00298EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 9:46 p.m.5 views

CVE-2022-24899

Contao is a powerful open source CMS that allows you to create professional websites and scalable web applications. In versions of Contao prior to 4.13.3 it is possible to inject code into the canonical tag. As a workaround users may disable canonical tags in the root page settings...

7.2CVSS6.7AI score0.04396EPSS
Exploits0References1
NVD
NVD
added 2024/09/17 7:15 p.m.49 views

CVE-2024-45612

Contao is an Open Source CMS. In affected versions an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page front end. Users are advised to update to Contao 4.13.49, 5.3.15 or 5.4.3. Users unable to upgrade should disable canonical tags in the root...

5.3CVSS0.00298EPSS
Exploits0References2
CVE
CVE
added 2024/09/17 6:29 p.m.68 views

CVE-2024-45612

Vulnerability summary: CVE-2024-45612 affects Contao CMS. An untrusted user can inject insert tags into canonical URLs, which are then evaluated and rendered on the front end. Affected product/version (as per sources): Contao 4.13 up to 4.13.48; Contao 5.0–5.4.x up to 5.3.14 and 5.4.2, with fixes...

5.3CVSS5.2AI score0.00298EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/09/17 6:29 p.m.46 views

CVE-2024-45612 Insert tag injection via canonical URL in Contao

Contao is an Open Source CMS. In affected versions an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page front end. Users are advised to update to Contao 4.13.49, 5.3.15 or 5.4.3. Users unable to upgrade should disable canonical tags in the root...

5.3CVSS0.00298EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/09/17 12:0 a.m.5 views

Contao 输入验证错误漏洞

Contao is an open source Content Management System CMS developed in PHP by Contao Open Source. The system supports search engines, rights management and CSS frameworks. An input validation error vulnerability exists in Contao 4.13.0 and prior versions, which originates from an untrusted user bein...

5.3CVSS5.5AI score0.00298EPSS
Exploits0References4
NVD
NVD
added 2022/05/06 12:15 a.m.25 views

CVE-2022-24899

Contao is a powerful open source CMS that allows you to create professional websites and scalable web applications. In versions of Contao prior to 4.13.3 it is possible to inject code into the canonical tag. As a workaround users may disable canonical tags in the root page settings...

7.2CVSS0.04396EPSS
Exploits0References3
Contao
Contao
added 2022/05/05 12:0 a.m.83 views

Cross site scripting via canonical URL

Date : 2022-05-05 CVE ID : CVE-2022-24899 Description Untrusted users can inject malicious code into the canonical tag, which is then executed on the web page front end. Affected versions Contao 4.13 up to 4.13.2 Suggested solution Update to Contao 4.13.3. Workaround Disable canonical tags in the...

7.2CVSS6.3AI score0.04396EPSS
Exploits0Affected Software1
Rows per page
Query Builder