[MEDIUM] Contao affected by insert tag injection via canonical URL

PKSA-8psg-sb44-9n6y CVE-2024-45612 GHSA-2xpq-xp6c-5mgj

Affected version: >=5.4.0,<5.4.3|>=5.0.0,<5.3.15|>=4.13.0,<4.13.49

Reported by:
GitHub

[HIGH] Contao affected by remote command execution through file upload

PKSA-5k7g-byhd-8xrm CVE-2024-45398 GHSA-vm6r-j788-hjh5

Affected version: >=5.4.0,<5.4.3|>=5.0.0,<5.3.15|>=4.0.0,<4.13.49

Reported by:
GitHub