Contao news

Read the official Contao announcements.

Security vulnerability CVE-2019-10643


Security researcher Ali Razzaq has discovered that confirming an opt-in token does not invalidate previous opt-in tokens in Contao 4.7. The security vulnerability has the identifier CVE-2019-10643.

The problem affects only Contao 4.7 and has been fixed in Contao 4.7.3.

Back to news overview.


Add a comment

Please add 4 and 3.