CVE-2021-37627: Improper Privilege Management

August 11, 2021 (updated August 20, 2021)

Contao is an open source CMS that allows creation of websites and scalable web applications.All users are advised to update to Contao As a workaround users may disable the form generator or disable the login for untrusted back end users.

References

contao.org/en/security-advisories/privilege-escalation-with-the-form-generator.html
nvd.nist.gov/vuln/detail/CVE-2021-37627

Detect and mitigate CVE-2021-37627 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →