4 matches found
EUVD-2019-0796
Malware in sbrugna...
EUVD-2022-5472
Malicious code in bioql PyPI...
CVE-2025-57758 Contao has improper access control in the back end voters
Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, the table access voter in the back end doesn't check if a user is allowed to access the corresponding module. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not relying...
PT-2024-22350 · Contao · Contao
Name of the Vulnerable Software and Affected Versions: Contao versions 4.9.0 through 4.13.39 Contao versions 5.0.0 through 5.3.3 Description: The issue arises when checking for broken links on protected pages, causing Contao to send the cookie header to external URLs. The passed options for the...