Lucene search
Veracode Vulnerability DatabaseVERACODE:13656HistoryApr 18, 2019 - 6:29 a.m.
Information Disclosure
2019-04-1806:29:26
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
28.4%
contao/contao is vulnerable to information disclosure attacks. The vulnerability exists as it is possible for unauthorized users to view records without proper permissions.
| CPE | Name | Operator | Version |
|---|---|---|---|
| contao/contao | le | 4.6.10 | |
| contao/contao | le | 4.4.30 | |
| contao/core | le | 3.5.36 | |
| contao/core-bundle | le | 4.6.10 | |
| contao/core-bundle | le | 4.4.30 |
Related
osv
osv
CVE-2018-20028
2019-04-17 19:29:00
Contao Information Disclosure via Access Control Flaws
2022-05-13 01:19:51
prion
prion
Improper access control
2019-04-17 19:29:00
github
github
Contao Information Disclosure via Access Control Flaws
2022-05-13 01:19:51
cve
cve
CVE-2018-20028
2019-04-17 19:29:00
contao
contao
Viewing unauthorized records in the back end
2018-12-13 00:00:00
nvd
nvd
CVE-2018-20028
2019-04-17 19:29:00
cvelist
cvelist
CVE-2018-20028
2019-04-17 18:58:45