CVE-2019-19714
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2019-19714
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-19714.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-19714
- Aliases
- Published
- 2019-12-17T15:15:25Z
- Modified
- 2024-09-03T02:32:18.698726Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output. It is possible to inject insert tags into the login module which will be replaced when the page is rendered.
- References
Affected packages
Git / github.com/contao/contao
Affected ranges
- Type
- GIT
- Repo
- https://github.com/contao/contao
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affected
Affected versions
4.*
4.4.22
4.4.23
4.4.24
4.4.25
4.4.26
4.4.27
4.4.28
4.4.29
4.4.30
4.4.31
4.4.32
4.4.33
4.4.34
4.4.35
4.4.36
4.4.37
4.4.38
4.4.39
4.4.40
4.4.41
4.4.42
4.4.43
4.4.44
4.5.13
4.5.14
4.6.0
4.6.1
4.6.10
4.6.11
4.6.12
4.6.13
4.6.14
4.6.2
4.6.3
4.6.4
4.6.5
4.6.6
4.6.7
4.6.8
4.6.9
4.7.0
4.7.0-RC1
4.7.0-RC2
4.7.0-RC3
4.7.0-RC4
4.7.1
4.7.2
4.7.3
4.7.4
4.7.5
4.7.6
4.7.7
4.8.0
4.8.0-RC1
4.8.0-RC2
4.8.1
4.8.2
4.8.3
4.8.4