Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Contao Improper Input Validation Vulnerability - CVE-2020-25768 - Vulnerability Database
Contao

Contao Improper Input Validation Vulnerability - CVE-2020-25768

Medium
Reference: CVE-2020-25768
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-25768
Title: Contao Improper Input Validation Vulnerability
Overview:

Contao before 4.4.52 4.9.x before 4.9.6 and 4.10.x before 4.10.1 have Improper Input Validation. It is possible to inject insert tags in front end forms which will be replaced when the page is rendered.