Contao Improper Input Validation Vulnerability - CVE-2020-25768 - Vulnerability Database

Contao Improper Input Validation Vulnerability - CVE-2020-25768

Medium

Reference: CVE-2020-25768

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-25768

Title: Contao Improper Input Validation Vulnerability

Overview:

Contao before 4.4.52 4.9.x before 4.9.6 and 4.10.x before 4.10.1 have Improper Input Validation. It is possible to inject insert tags in front end forms which will be replaced when the page is rendered.