News about Contao

Read the official Contao announcements.

Security vulnerability CVE-2019-11512

by

David Wind, penetration tester with A1 Digital, has discovered that the SQL injection vulnerability originally published under CVE-2017-16558 can still be exploited in the file manager in Contao 4. The security vulnerability has the identifier CVE-2019-11512.

The problem affects all Contao versions as of Contao 4.1 and has been fixed in Contao 4.4.39 and Contao 4.7.5.

Back to news overview.

Add a comment

Please add 9 and 9.

Livres et vidéos