4 matches found
Contao 4.13.2 - Cross-Site Scripting (XSS)
Exploit Title: Contao 4.13.2 - Cross-Site Scripting XSS Google Dork: NA Date: 04/28/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://contao.org/en/ Software Link: https://github.com/contao/contao/releases/tag/4.13.2 Version: 4.13.2 Tested on: KALI OS CVE : CVE-2022-15...
Contao 4.13.2 Cross Site Scripting
Exploit Title: Contao 4.13.2 - Cross-Site Scripting XSS Google Dork: NA Date: 04/28/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://contao.org/en/ Software Link: https://github.com/contao/contao/releases/tag/4.13.2 Version: 4.13.2 Tested on: KALI OS CVE : CVE-2022-15...
CVE-2022-1588
...
CVE-2022-1588
Contao 4.13.2 is associated with a Cross‑Site Scripting (XSS) vulnerability accessible via the canonical URL handling. The issue arises from insufficient validation of user input in the page canonical URL path, allowing injection of malicious JavaScript (e.g., using a URL like /contao/"> ). Pu...