Ali Razzaq

**Name of the Vulnerable Software and Affected Versions** Contao versions prior to 3.5.39 Contao versions 4.x prior to 4.7.3 **Description** The issue is related to a weak password recovery mechanism for forgotten passwords. Additionally, when a user changes their password, existing sessions are not correctly invalidated, which could pose a security risk. This was discovered by security researcher Ali Razzaq. **Recommendations** For Contao versions prior to 3.5.39, update to version 3.5.39 or later. For Contao versions 4.x prior to 4.7.3, update to version 4.7.3 or later. As a temporary workaround, consider restricting access to password recovery mechanisms and ensuring that sessions are properly invalidated after password changes.

**Name of the Vulnerable Software and Affected Versions** Contao version 4.7 **Description** The issue allows for a CSRF attack. Security researcher Ali Razzaq has discovered that the request token check can be bypassed. **Recommendations** For Contao version 4.7, as a temporary workaround, consider implementing additional CSRF protection measures until a patch is available. Restrict access to sensitive operations to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Contao version 4.7 **Description** The issue allows the use of a key past its expiration date. A security researcher discovered that confirming an opt-in token does not invalidate previous opt-in tokens. **Recommendations** For Contao version 4.7, update the opt-in token validation process to invalidate previous tokens upon confirmation of a new token. As a temporary workaround, consider implementing additional validation checks to ensure that expired keys are not used.