Description Contao 4.x allows SQL Injection. Fixed in Contao 4.4.39 and Contao 4.7.5. Remediation References CVE-2019-11512 Related Vulnerabilities Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0018) Atlassian Confluence Uncontrolled Search Path Element Vulnerability (CVE-2019-20406) WebLogic CVE-2021-1994 Vulnerability (CVE-2021-1994) Plone CMS Other Vulnerability (CVE-2006-4249) Apache HTTP Server Other Vulnerability (CVE-2004-0492) Severity Critical Classification CVE-2019-11512 CWE-138 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities