Description Contao 4.x allows SQL Injection. Fixed in Contao 4.4.39 and Contao 4.7.5. Remediation References CVE-2019-11512 Related Vulnerabilities PHP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-31628) WordPress Plugin Mail Masta Multiple SQL Injection Vulnerabilities (1.0) WordPress Plugin All In One Schema.org Rich Snippets Cross-Site Scripting (1.4.4) Joomla! Core 3.x.x Security Bypass (3.1.0 - 3.8.12) WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Cross-Site Scripting (6.4.12) Severity Critical Classification CVE-2019-11512 CWE-138 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities