CVE-2018-20028

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-20028

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-20028.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-20028

Aliases

GHSA-q99w-j4mj-7hj8

Published

2019-04-17T19:29:00Z

Modified

2024-09-03T02:10:18.667620Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Contao 3.x before 3.5.37, 4.4.x before 4.4.31 and 4.6.x before 4.6.11 has Incorrect Access Control.

References

Affected packages

Git / github.com/contao/contao

Affected ranges

Type: GIT
Repo: https://github.com/contao/contao
Events: Introduced

da8a867d8335c4ca55e5085dac11f1fecd12650e

Fixed

41ca5198a52775adaf2fbd0f3e627732298c5d15

Type: GIT
Repo: https://github.com/contao/core
Events: Introduced

50abb623bdc798bc8cd00a653b986a5f7a09075e

Fixed

f538903de8dd57b09c0a575a458a39a28f43c2c2

Affected versions

3.*

3.0.0

3.0.1

3.0.2

3.0.3

3.0.4

3.0.5

3.0.6

3.1.0

3.1.1

3.1.2

3.1.3

3.1.4

3.1.5

3.1.RC1

3.1.beta1

3.2.0

3.2.1

3.2.10

3.2.11

3.2.12

3.2.13

3.2.15

3.2.16

3.2.17

3.2.18

3.2.19

3.2.2

3.2.3

3.2.4

3.2.5

3.2.6

3.2.7

3.2.8

3.2.9

3.2.RC1

3.2.beta1

3.2.beta2

3.3.0

3.3.0-RC1

3.3.0-RC2

3.3.0-beta1

3.3.1

3.3.2

3.3.3

3.3.4

3.3.5

3.3.6

3.3.7

3.3.RC1

3.3.RC2

3.3.beta1

3.4.0

3.4.0-RC1

3.4.0-beta1

3.4.1

3.4.2

3.4.3

3.4.4

3.4.5

3.5.0

3.5.0-RC1

3.5.0-beta1

3.5.1

3.5.10

3.5.11

3.5.12

3.5.13

3.5.14

3.5.15

3.5.16

3.5.17

3.5.18

3.5.19

3.5.2

3.5.20

3.5.21

3.5.22

3.5.23

3.5.24

3.5.25

3.5.26

3.5.27

3.5.28

3.5.29

3.5.3

3.5.30

3.5.31

3.5.32

3.5.33

3.5.34

3.5.35

3.5.36

3.5.4

3.5.5

3.5.6

3.5.7

3.5.8

3.5.9