
6 matches found

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2025-26126

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 6.3 | EPSS 0.00281
Exploits: 0 | References: 4
Veracode
added 2025/09/25 5:59 a.m. | 7 views

Improper Access Control

contao/contao is vulnerable to Improper Access Control. The vulnerability is due to news feeds not filtering protected news archives, which allows an attacker to access and view restricted news items through the public RSS feed...

CVSS 5.3 | AI score 6.7 | EPSS 0.00281
Exploits: 0 | References: 5 | Affected Software: 2
NVD
added 2025/08/28 5:15 p.m. | 10 views

CVE-2025-57757

Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, if a news feed contains protected news archives, their news items are not filtered and become publicly available in the RSS feed. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround...

CVSS 5.3 | EPSS 0.00281
Exploits: 0 | References: 3
Snyk
added 2025/08/28 4:46 p.m. | 6 views

Incorrect Authorization

Overview: Affected versions of this package are vulnerable to Incorrect Authorization due to improper filtering of protected news archives. An attacker can access sensitive information by retrieving protected news items that are unintentionally included in the public RSS feed. Workaround: This...

CVSS 6.9 | AI score 6.7 | EPSS 0.00281
Exploits: 0 | References: 2
Github Security Blog
added 2025/08/28 2:58 p.m. | 7 views

Contao can disclose sensitive information in the news module

Impact: If a news feed contains protected news archives, their news items are not filtered and become publicly available in the RSS feed. Patches: Update to Contao 5.3.38 or 5.6.1. Workarounds: Do not add protected news archives to the news feed page. For more information: If you have any questions o...

CVSS 5.3 | AI score 7 | EPSS 0.00281
Exploits: 0 | References: 5 | Affected Software: 2
CNNVD
added 2025/08/28 12:0 a.m. | 11 views

Contao Security Vulnerability

Contao is an open source Content Management System (CMS) developed in PHP by Contao Open Source. The system supports search engines, rights management, and CSS frameworks. A security vulnerability exists in Contao version 5.3.38 and versions prior to 5.6.1, which stems from an unfiltered protected...

CVSS 5.3 | AI score 6.3 | EPSS 0.00281
Exploits: 0 | References: 5