Description
Contao 3.x before 3.5.32 allows XSS via the unsubscribe module in the frontend newsletter extension.
Remediation
References
Related Vulnerabilities
Envoy Proxy Always-Incorrect Control Flow Implementation Vulnerability (CVE-2022-21655)
RubyGems Cryptographic Issues Vulnerability (CVE-2013-4287)
WordPress Plugin Persian Woocommerce SMS Cross-Site Scripting (3.3.2)
WebLogic CVE-2023-21979 Vulnerability (CVE-2023-21979)
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2009-1891)