Vulnerabilities > Contao > Contao > 3.1.2

DATE CVE VULNERABILITY TITLE RISK
2023-09-21 CVE-2018-5478 Cross-site Scripting vulnerability in Contao
Contao 3.x before 3.5.32 allows XSS via the unsubscribe module in the frontend newsletter extension.
network
low complexity
contao CWE-79
6.1
6.1
2023-04-25 CVE-2023-29200 Path Traversal vulnerability in Contao
Contao is an open source content management system.
network
low complexity
contao CWE-22
6.5
6.5
2020-03-16 CVE-2018-10125 Cross-site Scripting vulnerability in Contao
Contao before 4.5.7 has XSS in the system log.
network
contao CWE-79
4.3
4.3