CVE-2021-37627 – Privilege escalation via form generator
https://notcve.org/view.php?id=CVE-2021-37627
11 Aug 2021 — Contao is an open source CMS that allows creation of websites and scalable web applications. In affected versions it is possible to gain privileged rights in the Contao back end. Installations are only affected if they have untrusted back end users who have access to the form generator. All users are advised to update to Contao 4.4.56, 4.9.18 or 4.11.7. As a workaround users may disable the form generator or disable the login for untrusted back end users. • https://contao.org/en/security-advisories/privilege-escalation-with-the-form-generator.html • CWE-269: Improper Privilege Management •
CVE-2021-37626 – PHP file inclusion via insert tags
https://notcve.org/view.php?id=CVE-2021-37626
11 Aug 2021 — Contao is an open source CMS that allows you to create websites and scalable web applications. In affected versions it is possible to load PHP files by entering insert tags in the Contao back end. Installations are only affected if they have untrusted back end users who have the rights to modify fields that are shown in the front end. Update to Contao 4.4.56, 4.9.18 or 4.11.7 to resolve. If you cannot update then disable the login for untrusted back end users. • https://contao.org/en/security-advisories/php-file-inclusion-via-insert-tags.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2021-35210 – Cross-site scripting in the system log
https://notcve.org/view.php?id=CVE-2021-35210
23 Jun 2021 — Contao 4.5.x through 4.9.x before 4.9.16, and 4.10.x through 4.11.x before 4.11.5, allows stored cross-site scripting (XSS). It is possible to inject code into the tl_log table that will be executed in the browser when the system log is viewed in the back end. • https://contao.org/en/security-advisories/cross-site-scripting-in-the-system-log-2021.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
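Added example, not taken from notcve.org or from the Contao project: a small Python audit that reads the installed Contao version out of a composer.lock and reports which of the three advisories above still apply. The fixed versions and the explicit affected ranges come from the entries above. Two things are assumptions: that contao/core-bundle is the package whose version identifies the installation, and that for CVE-2021-37626/37627 the 4.5 to 4.8 releases fall under the 4.9.18 fix and 4.10 under the 4.11.7 fix (those advisories only name the fixed versions, so anything below the named fix within that span is treated as affected). The sample lock file is constructed.

```python
"""Map an installed Contao 4 version to the three advisories listed above.

Added example, not Contao's own tooling. Fixed versions and ranges are
taken from the advisory texts; the branch mapping for CVE-2021-37626/37627
(4.5-4.8 -> 4.9.18 fix, 4.10 -> 4.11.7 fix) is an assumption.
"""
import json
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]

# Per advisory: (first affected minor, last affected minor, first fixed version).
ADVISORIES: Dict[str, List[Tuple[int, int, Version]]] = {
    # Advisory: "update to Contao 4.4.56, 4.9.18 or 4.11.7" (branch spans assumed)
    "CVE-2021-37627": [(4, 4, (4, 4, 56)), (5, 9, (4, 9, 18)), (10, 11, (4, 11, 7))],
    "CVE-2021-37626": [(4, 4, (4, 4, 56)), (5, 9, (4, 9, 18)), (10, 11, (4, 11, 7))],
    # Advisory: "4.5.x through 4.9.x before 4.9.16, and 4.10.x through 4.11.x before 4.11.5"
    "CVE-2021-35210": [(5, 9, (4, 9, 16)), (10, 11, (4, 11, 5))],
}

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Version:
    """Parse '4.9.17' or 'v4.9.17' into a comparable tuple.

    Anything that is not a plain release (dev-main, a branch alias) raises,
    so an unreleased build can never be reported as patched by accident.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"not a release version: {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)))


def affected_by(version: Version) -> List[str]:
    """Return the CVE IDs from ADVISORIES that apply to this version."""
    major, minor, _ = version
    hits: List[str] = []
    if major != 4:
        return hits  # these advisories only cover Contao 4 branches
    for cve, branches in ADVISORIES.items():
        for lo, hi, fixed in branches:
            if lo <= minor <= hi and version < fixed:
                hits.append(cve)
                break
    return hits


def installed_contao_version(composer_lock: str) -> Optional[Version]:
    """Pull the contao/core-bundle version from a composer.lock document (assumed package name)."""
    data = json.loads(composer_lock)
    for pkg in data.get("packages", []):
        if pkg.get("name") == "contao/core-bundle":
            return parse_version(pkg["version"])
    return None


def audit(composer_lock: str) -> Dict[str, object]:
    """Look up the installed version and list the advisories still open against it."""
    version = installed_contao_version(composer_lock)
    if version is None:
        return {"version": None, "cves": [], "note": "contao/core-bundle not found"}
    return {"version": ".".join(map(str, version)), "cves": affected_by(version)}


# Constructed sample lock file, not from a real installation.
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "symfony/http-kernel", "version": "v4.4.25"},
        {"name": "contao/core-bundle", "version": "4.9.17"},
    ]
})

if __name__ == "__main__":
    # 4.9.17 already carries the 4.9.16 XSS fix but not the 4.9.18 fixes.
    print(audit(SAMPLE_LOCK))
```

The sample 4.9.17 installation drops CVE-2021-35210 (fixed in 4.9.16) but still shows CVE-2021-37626 and CVE-2021-37627 (fixed in 4.9.18); a 4.4.x build is never flagged for CVE-2021-35210, because that advisory does not list the 4.4 branch. Where an update is not immediately possible, the entries above give the interim mitigation: disable the form generator and remove back end access for untrusted users.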