Description
Contao 3.x before 3.5.37, 4.4.x before 4.4.31 and 4.6.x before 4.6.11 has Incorrect Access Control.
Remediation
References
Related Vulnerabilities
WordPress Plugin Sports Rankings and Lists Cross-Site Scripting (3.5)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-0214)
MySQL CVE-2020-14869 Vulnerability (CVE-2020-14869)
Oracle HTTP Server Improper Encoding or Escaping of Output Vulnerability (CVE-2022-25235)
WordPress Plugin SyntaxHighlighter Evolved Cross-Site Scripting (3.1.5)