Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Contao Key Management Errors Vulnerability (CVE-2019-10643)

Description

Contao 4.7 allows Use of a Key Past its Expiration Date.

Remediation

References

Related Vulnerabilities

ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6521)

WordPress Plugin Comments-wpDiscuz Arbitrary File Upload (7.0.4)

WordPress Plugin O2Tweet Cross-Site Request Forgery (0.0.4)

WordPress Plugin Klaviyo Cross-Site Scripting (3.0.9)

WordPress Plugin SendPress Newsletters Multiple Vulnerabilities (1.1.7.21)

Severity

Critical

Classification

CVE-2019-10643 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities