830873947e
Contao 4.5.7 (2018-04-04) Contao version 4.5.7 is available. The bugfix release fixes a few minor issues including a problem with validating the request token and a problem with rendering custom layout sections. Contao 4.5.8 (2018-04-18) Contao version 4.5.8 is available. The bugfix release fixes an XSS vulnerability in the system log of the back end (CVE-2018-10125). CVE-2018-10125 With a manipulated request, an attacker can implant a script which is executed when a logged in back end user opens the system log. The attacker themselves does not have to be logged in. The problem affects Contao 3.0.0 to 3.5.34, 4.0.0 to 4.4.17 and 4.5.0 to 4.5.7. We highly recommend you to update. |
||
|---|---|---|
| .. | ||
| DEINSTALL | ||
| DESCR | ||
| distinfo | ||
| INSTALL | ||
| Makefile | ||
| MESSAGE | ||
| PLIST | ||