Security Advisory

CVE-2025-29790

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-18 18:36:34

Last updated 2025-03-18 18:48:39

Assigner GitHub_M

State PUBLISHED

Description

Contao is an Open Source CMS. Users can upload SVG files with malicious code, which is then executed in the back end and/or front end. This vulnerability is fixed in Contao 4.13.54, 5.3.30, or 5.5.6.

← Browse all CVEs View on cve.org ↗