CVE-2019-19714

CVE-2019-19714

EPSS 0.8%

Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output. It is possible to inject insert tags into the login module which will be replaced when the page is rendered.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://contao.org/en/news.html https://contao.org/en/security-advisories/insert-tag-injection-in-the-login-module.html