Contao before 4.4.52, 4.9.x before 4.9.6, and 4.10.x before 4.10.1 have Improper Input Validation. It is possible to inject insert tags in front end forms which will be replaced when the page is rendered.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-10-07T20:37:52
Updated: 2024-08-04T15:40:36.950Z
Reserved: 2020-09-18T00:00:00
Link: CVE-2020-25768
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-10-07T21:15:14.963
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-25768
Redhat
No data.