4 matches found
CVE-2022-24899
Contao is a powerful open source CMS that allows you to create professional websites and scalable web applications. In versions of Contao prior to 4.13.3 it is possible to inject code into the canonical tag. As a workaround users may disable canonical tags in the root page settings...
CVE-2022-24899 Cross site scripting via canonical tag
Contao is a powerful open source CMS that allows you to create professional websites and scalable web applications. In versions of Contao prior to 4.13.3 it is possible to inject code into the canonical tag. As a workaround users may disable canonical tags in the root page settings...
CVE-2022-24899 Cross site scripting via canonical tag
Contao is a powerful open source CMS that allows you to create professional websites and scalable web applications. In versions of Contao prior to 4.13.3 it is possible to inject code into the canonical tag. As a workaround users may disable canonical tags in the root page settings...
CVE-2022-24899
Summary of CVE-2022-24899 : Contao prior to version 4.13.3 contains a cross-site scripting vulnerability that allows injection of arbitrary JavaScript into the canonical tag. Exploitation leads to JavaScript execution in a victim’s browser on the front end, with potential for data theft or web pa...