CVE-2020-25768 - Contao Contao
Moderate 5.3
Contao before 4.4.52, 4.9.x before 4.9.6, and 4.10.x before 4.10.1 have Improper Input Validation. It is possible to inject insert tags in front end forms which will be replaced when the page is rendered.
Affected software
Contao Contao