Security Advisory

CVE-2025-57758

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-28 16:32:38

Last updated 2025-08-28 17:20:01

Assigner GitHub_M

State PUBLISHED

Description

Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, the table access voter in the back end doesnt check if a user is allowed to access the corresponding module. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not relying solely on the voter and additionally to check USER_CAN_ACCESS_MODULE.

← Browse all CVEs View on cve.org ↗