CVE-2021-35210

Published: 2021-06-23T11:15Z

Last Modified: 2024-11-21T06:12Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Contao 4.5.x through 4.9.x before 4.9.16, and 4.10.x through 4.11.x before 4.11.5, allows XSS. It is possible to inject code into the tl_log table that will be executed in the browser when the system log is called in the back end. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt