contao/contao Security Advisories for 5.1.0-RC3 (4)
- 
                        [MEDIUM] Contao can disclose sensitive information in the news modulePKSA-kh11-db67-t9zk CVE-2025-57757 GHSA-w53m-gxvg-vx7p Affected version: >=5.4.0-RC1,<5.6.1|>=5.0.0-RC1,<5.3.38 Reported by: 
 GitHub
- 
                        [MEDIUM] Contao discloses sensitive information in the front end search indexPKSA-34p6-239r-z7w2 CVE-2025-57756 GHSA-2xmj-8wmq-7475 Affected version: >=5.4.0-RC1,<5.6.1|>=5.0.0-RC1,<5.3.38|>=4.9.14,<4.13.56 Reported by: 
 GitHub
- 
                        [MEDIUM] Contao applies improper access control in the back end votersPKSA-ptp8-kf5w-97c9 CVE-2025-57758 GHSA-7m47-r75r-cx8v Affected version: >=5.4.0-RC1,<5.6.1|>=5.0.0,<5.3.38 Reported by: 
 GitHub
- 
                        [HIGH] Directory traversal vulnerability in the file managerPKSA-3m2g-ygwq-rxnz CVE-2023-29200 GHSA-fp7q-xhhw-6rj3 Affected version: >=4.9.0,<4.9.40|>=4.13.0,<4.13.21|>=5.1.0,<5.1.4 Reported by: 
 FriendsOfPHP/security-advisories, GitHub