Vulnerabilities > Contao > Contao

DATE CVE VULNERABILITY TITLE RISK
2019-12-17 CVE-2019-19714 Improper Encoding or Escaping of Output vulnerability in Contao 4.8.4/4.8.5
Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output.
network
low complexity
contao CWE-116
5.0
5.0
2019-12-17 CVE-2019-19712 Incorrect Default Permissions vulnerability in Contao
Contao 4.0 through 4.8.5 has Insecure Permissions.
network
low complexity
contao CWE-276
5.0
5.0
2019-07-09 CVE-2019-11512 SQL Injection vulnerability in Contao
Contao 4.x allows SQL Injection.
network
low complexity
contao CWE-89
7.5
7.5