Security Advisory

CVE-2021-35210

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-06-23 09:34:44

Last updated 2024-08-04 00:33:51

Assigner mitre

State PUBLISHED

Description

Contao 4.5.x through 4.9.x before 4.9.16, and 4.10.x through 4.11.x before 4.11.5, allows XSS. It is possible to inject code into the tl_log table that will be executed in the browser when the system log is called in the back end.

← Browse all CVEs View on cve.org ↗