Contao news
Read the official Contao announcements.
New security hole found in Contao
by Leo Feyer – Announcements
This afternoon, a new security hole has been found in Contao and unfortunately, it has been published right away instead of giving us a heads up and time to release a patch.
For that reason, we strongly recommend all Contao users to completely delete the contao/install.php
file or to apply CHMOD 000
to disable it as soon as possible, until we can release new program versions. The vulnerability is critical and allows to execute arbitrary code on the server.
For security reasons, we only release further information upon request.
Comments
Add a comment