CVE-2019-10643

Contao 4.7 allows Use of a Key Past its Expiration Date.

Contao 4.7 allows Use of a Key Past its Expiration Date.

Security researcher Ali Razzaq has discovered that confirming an opt-in token does not invalidate previous opt-in tokens in Contao 4.7.

Security researcher Ali Razzaq has discovered that confirming an opt-in token does not invalidate previous opt-in tokens in Contao 4.7.

Contao versión 4.7 permite el uso de una clave pasada su fecha de expiración.