0.001 Low
EPSS
Percentile
49.6%
contao/core-bundle is vulnerable to SQL injection. The vulnerability exists in the value of strField in the file manager search filter, which allows a remote attacker to inject and execute arbitrary SQL queries through the affected parameter.
strField
contao.org/en/news/security-vulnerability-cve-2019-11512.html
github.com/contao/core-bundle/commit/ef9e7eabbba45935e28c64cf3fe9f6d263ad5ce0