CVE-2024-47069 - Contao Oveleon Cookie Bar Reflected Cross-Site Scripting

2 months ago 19
ARTICLE AD BOX
CVE ID : CVE-2024-47069
Published : Sept. 23, 2024, 4:15 p.m. | 24 minutes ago
Description : Oveleon Cookie Bar is a cookie bar is for the Contao Open Source CMS and allows a visitor to define cookie & privacy settings for the website. Prior to versions 1.16.3 and 2.1.3, the `block/locale` endpoint does not properly sanitize the user-controlled `locale` input before including it in the backend's HTTP response, thereby causing reflected cross-site scripting. Versions 1.16.3 and 2.1.3 contain a patch for the vulnerability.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article