Количество 2
Количество 2
CVE-2025-65961
Contao is an Open Source CMS. From version 4.0.0 to before 4.13.57, before 5.3.42, and before 5.6.5, it is possible to inject code into the template output that will be executed in the browser in the front end and back end. This issue has been patched in versions 4.13.57, 5.3.42, and 5.6.5. A workaround for this issue involves not using the affected templates or patch them manually.
GHSA-68q5-78xp-cwwc
Contao is vulnerable to cross-site scripting in templates
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-65961 Contao is an Open Source CMS. From version 4.0.0 to before 4.13.57, before 5.3.42, and before 5.6.5, it is possible to inject code into the template output that will be executed in the browser in the front end and back end. This issue has been patched in versions 4.13.57, 5.3.42, and 5.6.5. A workaround for this issue involves not using the affected templates or patch them manually. | CVSS3: 3.3 | 0% Низкий | 3 месяца назад |
| GHSA-68q5-78xp-cwwc Contao is vulnerable to cross-site scripting in templates | CVSS3: 3.3 | 0% Низкий | 3 месяца назад |
Уязвимостей на страницу