{"uuid": "b3a19f94-cace-4c94-8e61-c406b06aaac3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35210", "type": "seen", "source": "https://t.me/cibsecurity/25638", "content": "\u203c CVE-2021-35210 \u203c\n\nContao 4.5.x through 4.9.x before 4.9.16, and 4.10.x through 4.11.x before 4.11.5, allows XSS. It is possible to inject code into the tl_log table that will be executed in the browser when the system log is called in the back end.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-23T14:17:17.000000Z"}