CVE-2019-10641
- Source
- https://cve.org/CVERecord?id=CVE-2019-10641
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-10641.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-10641
- Aliases
- Published
- 2019-04-17T19:29:00.500Z
- Modified
- 2025-12-02T22:51:21.390788Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Contao before 3.5.39 and 4.x before 4.7.3 has a Weak Password Recovery Mechanism for a Forgotten Password.
- References
Affected packages
Git / github.com/contao/contao
Git / github.com/contao/core
Affected ranges
- Type
- GIT
- Repo
- https://github.com/contao/core
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
2.*
2.10.4
2.11.0
2.11.1
2.11.2
2.11.3
2.11.4
2.11.5
2.11.6
2.11.RC1
2.11.RC2
2.6.3
3.*
3.0.0
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.6
3.0.RC1
3.0.RC2
3.0.beta1
3.1.0
3.1.1
3.1.2
3.1.3
3.1.4
3.1.5
3.1.RC1
3.1.beta1
3.2.0
3.2.1
3.2.10
3.2.11
3.2.12
3.2.13
3.2.15
3.2.16
3.2.17
3.2.18
3.2.19
3.2.2
3.2.3
3.2.4
3.2.5
3.2.6
3.2.7
3.2.8
3.2.9
3.2.RC1
3.2.beta1
3.2.beta2
3.3.0
3.3.0-RC1
3.3.0-RC2
3.3.0-beta1
3.3.1
3.3.2
3.3.3
3.3.4
3.3.5
3.3.6
3.3.7
3.3.RC1
3.3.RC2
3.3.beta1
3.4.0
3.4.0-RC1
3.4.0-beta1
3.4.1
3.4.2
3.4.3
3.4.4
3.4.5
3.5.0
3.5.0-RC1
3.5.0-beta1
3.5.1
3.5.10
3.5.11
3.5.12
3.5.13
3.5.14
3.5.15
3.5.16
3.5.17
3.5.18
3.5.19
3.5.2
3.5.20
3.5.21
3.5.22
3.5.23
3.5.24
3.5.25
3.5.26
3.5.27
3.5.28
3.5.29
3.5.3
3.5.30
3.5.31
3.5.32
3.5.33
3.5.34
3.5.35
3.5.36
3.5.37
3.5.38
3.5.4
3.5.5
3.5.6
3.5.7
3.5.8
3.5.9