2 matches found
CVE-2019-19712
Contao CMS vulnerability CVE-2019-19712 affects Contao 4.0–4.8.5 where backend users can manipulate the details view URL to reveal pages/articles not enabled for them, indicating an information-disclosure issue due to insecure permissions in the backend. Affected versions include 4.0 through 4.8....
Information disclosure in the back end
Date : 2019-12-17 CVE ID : CVE-2019-19712 Description Back end users can manipulate the details view URL to show pages and articles that have not been enabled for them. Affected versions Contao 4.0 Contao 4.1 Contao 4.2 Contao 4.3 Contao 4.4 up to 4.4.45 Contao 4.5 Contao 4.6 Contao 4.7 Contao 4....