2 matches found
CVE-2019-10643
Contao 4.7 allows Use of a Key Past its Expiration Date...
Invalidating opt-in tokens
Date : 2019-04-09 CVEID : CVE-2019-10643 Description Security researcher Ali Razzaq has discovered that confirming an opt-in token does not invalidate previous opt-in tokens in Contao 4.7. Affected versions Contao 4.7 up to 4.7.2 Suggested solution Update to Contao 4.7.3...