PKSA-pnr9-2f76-g9z8 Security Advisory
-
[CRITICAL] Confirming an opt-in token does not invalidate previous opt-in tokens
PKSA-pnr9-2f76-g9z8 CVE-2019-10643 GHSA-j99g-qjvx-995g
Affected package: contao/core-bundle
Affected version: >=4.7.0,<4.7.3
Reported by:
FriendsOfPHP/security-advisories, GitHub