Contao Core vulnerabilities
7 known vulnerabilities affecting contao/core.
Total CVEs: 7
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 2, MEDIUM 4
Vulnerabilities
CVE-2018-5478 [MEDIUM] CWE-79 Contao Cross-site Scripting vulnerability
Affected versions: ≥ 3.0.0, < 3.5.32
Date: 2023-09-21
Contao 3.x before 3.5.32 allows Cross-site Scripting (XSS) via the unsubscribe module in the frontend newsletter extension.
CVE-2016-4567 [MEDIUM] CWE-79 MediaElement Vulnerable to Reflected XSS
Affected versions: ≥ 3.0.0, < 3.5.15
Date: 2022-05-17
Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.swf in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."
CVE-2015-0269 [MEDIUM] CWE-22 Contao Core directory traversal vulnerability
Affected versions: ≥ 3.4.0, < 3.4.4; ≥ 2.0.0, < 3.2.19
Date: 2022-05-17
Directory traversal vulnerability in Contao before 3.2.19, and 3.4.x before 3.4.4, allows remote authenticated backend users to view files outside their file mounts or the document root via unspecified vectors.
CVE-2019-10641 [CRITICAL] CWE-640 Contao Does Not Invalidate Existing Sessions When Password Changes
Affected versions: ≥ 3.0.0, < 3.5.39
Date: 2022-05-14
Security researcher Ali Razzaq has discovered that existing sessions are not correctly invalidated when a user changes their password in the backend or frontend.
CVE-2017-10993 [HIGH] CWE-22 Contao Core directory traversal vulnerability
Affected versions: ≥ 3.0.0, < 3.5.28
Date: 2022-05-13
A logged-in back end user can include arbitrary PHP files by manipulating a URL parameter. Since Contao does not allow uploading PHP files in the file manager, the attack is limited to the PHP files already present on the server.
CVE-2012-4383 [HIGH] CWE-89 Contao core SQL Injection Vulnerability
Affected versions: ≥ 0, < 2.11.4
Date: 2022-04-23
Contao core prior to 2.11.4 has a SQL injection vulnerability in `contao-2.11.3\system\modules\backend\Ajax.php`.
CVE-2018-10125 [MEDIUM] CWE-79 Cross-site Scripting in Contao
Affected versions: ≥ 3.0.0, < 3.5.35
Date: 2022-02-10
Contao before 4.5.7 has XSS in the system log.