Description contao prior to 2.11.4 has a sql injection vulnerability Remediation References CVE-2012-4383 Related Vulnerabilities Drupal Core 8.7.0 Directory Traversal (8.7.0) WordPress Plugin Genesis Simple Share Cross-Site Scripting (1.0.6) Drupal Core 7.x Remote Code Execution (7.0 - 7.74) Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2600) Roundcube Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-12640) Severity High Classification CVE-2012-4383 CWE-138 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities