Filtered by vendor Oveleon
Subscriptions
Filtered by product Contao-cookiebar
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-47069 | 1 Oveleon | 2 Contao-cookiebar, Cookiebar | 2024-09-30 | 6.1 Medium |
| Oveleon Cookie Bar is a cookie bar is for the Contao Open Source CMS and allows a visitor to define cookie & privacy settings for the website. Prior to versions 1.16.3 and 2.1.3, the `block/locale` endpoint does not properly sanitize the user-controlled `locale` input before including it in the backend's HTTP response, thereby causing reflected cross-site scripting. Versions 1.16.3 and 2.1.3 contain a patch for the vulnerability. | ||||
Page 1 of 1.