Contao 3.x before 3.5.32 allows XSS via the unsubscribe module in the frontend newsletter extension.
Published September 21, 2023.
Contao Contao
