CVE-2024-28191

EUVD-2024-1135
Contao is an open source content management system. Starting in version 4.0.0 and prior to version 4.13.40 and 5.3.4, it is possible to inject insert tags in frontend forms if the output is structured in a very specific way. Contao versions 4.13.40 and 5.3.4 have a patch for this issue. As a workaround, do not output user data from frontend forms next to each other, always separate them by at least one character.
Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.1 LOW
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
GitHub_MCNA
3.1 LOW
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
Affected Products (NVD)
VendorProductVersion
contaocontao
4.0.0 ≤
𝑥
< 4.13.40
contaocontao
5.0.0 ≤
𝑥
< 5.3.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://contao.org/en/security-advisories/insert-tag-injection-via-the-form-generator
https://github.com/contao/contao/commit/388859dcf110ca70e0fae68a2a5579ab6a702919
https://github.com/contao/contao/commit/474a2fc25f1d84d786aba8c6d234af99e64d016b
https://github.com/contao/contao/security/advisories/GHSA-747v-52c4-8vj8
https://contao.org/en/security-advisories/insert-tag-injection-via-the-form-generator
https://github.com/contao/contao/commit/388859dcf110ca70e0fae68a2a5579ab6a702919
https://github.com/contao/contao/commit/474a2fc25f1d84d786aba8c6d234af99e64d016b
https://github.com/contao/contao/security/advisories/GHSA-747v-52c4-8vj8