CVE-2019-19714

Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output. It is possible to inject insert tags into the login module which will be replaced when the page is rendered.
Configurations

Configuration 1

cpe:2.3:a:contao:contao:4.8.5:*:*:*:*:*:*:*
cpe:2.3:a:contao:contao:4.8.4:*:*:*:*:*:*:*

Information

Published : 2019-12-17 03:15

Updated : 2019-12-18 09:25


NVD link : CVE-2019-19714

Mitre link : CVE-2019-19714

Products Affected
No products.
CWE
CWE-116

Improper Encoding or Escaping of Output