Contao 4.0 through 4.8.5 has Insecure Permissions. Back end users can manipulate the details view URL to show pages and articles that have not been enabled for them.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-12-17T13:59:38
Updated: 2024-08-05T02:25:12.403Z
Reserved: 2019-12-11T00:00:00
Link: CVE-2019-19712
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-12-17T14:15:18.153
Modified: 2019-12-31T16:21:13.057
Link: CVE-2019-19712
Redhat
No data.