3 matches found
Contao 4.13.2 Cross Site Scripting
Exploit Title: Contao 4.13.2 - Cross-Site Scripting XSS Google Dork: NA Date: 04/28/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://contao.org/en/ Software Link: https://github.com/contao/contao/releases/tag/4.13.2 Version: 4.13.2 Tested on: KALI OS CVE : CVE-2022-15...
Contao 4.13.2 - Cross-Site Scripting (XSS)
Exploit Title: Contao 4.13.2 - Cross-Site Scripting XSS Google Dork: NA Date: 04/28/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://contao.org/en/ Software Link: https://github.com/contao/contao/releases/tag/4.13.2 Version: 4.13.2 Tested on: KALI OS CVE : CVE-2022-15...
Cross site scripting via canonical URL
Date : 2022-05-05 CVE ID : CVE-2022-24899 Description Untrusted users can inject malicious code into the canonical tag, which is then executed on the web page front end. Affected versions Contao 4.13 up to 4.13.2 Suggested solution Update to Contao 4.13.3. Workaround Disable canonical tags in the...