Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Contao Improper Encoding or Escaping of Output Vulnerability - CVE-2019-19714 - Vulnerability Database
Contao

Contao Improper Encoding or Escaping of Output Vulnerability - CVE-2019-19714

Medium
Reference: CVE-2019-19714
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2019-19714
Title: Contao Improper Encoding or Escaping of Output Vulnerability
Overview:

Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output. It is possible to inject insert tags into the login module which will be replaced when the page is rendered.