Description Contao 4.7 allows CSRF. Remediation References CVE-2019-10642 Related Vulnerabilities WordPress Plugin Simple URLs-Link Cloaking, Product Displays, and Affiliate Link Management Multiple Vulnerabilities (114) WordPress Plugin Stylish Cost Calculator Cross-Site Scripting (7.0.3) WordPress Plugin YOP Poll Cross-Site Scripting (6.0.2) WordPress Plugin Estatik Real Estate Arbitrary File Upload (2.3.0) Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2079) Severity High Classification CVE-2019-10642 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities