Aschempp

Name of the Vulnerable Software and Affected Versions: Contao versions prior to 4.13.49 Contao versions prior to 5.3.15 Contao versions prior to 5.4.3 Description: In affected versions of Contao, an Open Source CMS, an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page. Recommendations: For versions prior to 4.13.49, update to Contao 4.13.49. For versions prior to 5.3.15, update to Contao 5.3.15. For versions prior to 5.4.3, update to Contao 5.4.3. As a temporary workaround, consider disabling canonical tags in the root page settings until a patch is available.