Vulnerability Database

296,108

Total vulnerabilities in the database

CVE-2025-57759

Impact

Under certain conditions, back end users may be able to edit fields of pages and articles without having the necessary permissions.

Patches

Update to Contao 5.3.38 or 5.6.1.

Workarounds

None.

For more information

If you have any questions or comments about this advisory, open an issue in contao/contao.

CVSS v3:

  • Severity: Unknown
  • Score:
  • AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CWEs:

Software From Fixed in
Composer icon contao / core-bundle 5.3.0 5.3.38
Composer icon contao / core-bundle 5.4.0-RC1 5.6.1
Composer icon contao / contao 5.3.0 5.3.38
Composer icon contao / contao 5.4.0-RC1 5.6.1