Vulnerabilities > Contao > Contao CMS > 4.6.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-17 | CVE-2019-10641 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Contao CMS Contao before 3.5.39 and 4.x before 4.7.3 has a Weak Password Recovery Mechanism for a Forgotten Password. | 5.0 |
| 2019-04-17 | CVE-2018-20028 | Unspecified vulnerability in Contao CMS Contao 3.x before 3.5.37, 4.4.x before 4.4.31 and 4.6.x before 4.6.11 has Incorrect Access Control. | 4.0 |