CVE-2018-10125
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in packagist/contao/contao
Identifiers
GHSA-pj4j-287j-f742, CVE-2018-10125
Package Slug
packagist/contao/contao
Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Description
Contao before 4.5.7 has XSS in the system log.
Affected Versions
All versions starting from 4.0.0 before 4.4.18, all versions starting from 4.5.0 before 4.5.8
Solution
Upgrade to versions 4.4.18, 4.5.8 or above.
Last Modified
2024-02-07
| source |