Contao · Contao · CVE-2012-4383
**Name of the Vulnerable Software and Affected Versions**
Contao versions prior to 2.11.4
**Description**
The issue is a SQL injection vulnerability. It affects the Contao core, specifically in the `contao-2.11.3systemmodulesbackendAjax.php` file.
**Recommendations**
For versions prior to 2.11.4, update to version 2.11.4 or later to resolve the issue.
As a temporary workaround, consider restricting access to the vulnerable `Ajax.php` file until a patch is available.