CVE-2025-57759

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-57759

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-57759.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-57759

Aliases

GHSA-qqfq-7cpp-hcqj

Published

2025-08-28T17:15:36Z

Modified

2025-08-29T04:53:35.992649Z

Summary

[none]

Details

Contao is an Open Source CMS. In versions starting from 5.3.0 and prior to 5.3.38 and 5.6.1, under certain conditions, back end users may be able to edit fields of pages and articles without having the necessary permissions. This issue has been patched in versions 5.3.38 and 5.6.1. There are no workarounds.

References

Affected packages

Git / github.com/contao/contao

Affected ranges

Type: GIT
Repo: https://github.com/contao/contao
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

80ee7db12d55ad979d9b1b180f273d4e2668851f

Affected versions

4.*

4.10.0

4.10.0-RC1

4.10.0-RC2

4.10.0-RC3

4.10.0-RC4

4.10.1

4.10.2

4.10.3

4.10.4

4.10.5

4.10.6

4.10.7

4.11.0

4.11.0-RC1

4.11.0-RC2

4.11.1

4.11.2

4.11.3

4.11.4

4.11.5

4.11.6

4.11.7

4.11.8

4.11.9

4.12.0

4.12.0-RC1

4.12.0-RC2

4.12.0-RC3

4.12.1

4.12.2

4.12.3

4.12.4

4.12.5

4.12.6

4.12.7

4.13.0

4.13.0-RC1

4.13.0-RC2

4.13.0-RC3

4.13.1

4.13.10

4.13.11

4.13.12

4.13.13

4.13.14

4.13.15

4.13.16

4.13.17

4.13.18

4.13.19

4.13.2

4.13.20

4.13.21

4.13.22

4.13.23

4.13.24

4.13.25

4.13.26

4.13.27

4.13.28

4.13.29

4.13.3

4.13.30

4.13.31

4.13.32

4.13.33

4.13.34

4.13.35

4.13.36

4.13.37

4.13.38

4.13.39

4.13.4

4.13.40

4.13.41

4.13.42

4.13.43

4.13.44

4.13.45

4.13.46

4.13.47

4.13.48

4.13.49

4.13.5

4.13.6

4.13.7

4.13.8

4.13.9

4.4.22

4.4.23

4.4.24

4.4.25

4.4.26

4.4.27

4.4.28

4.4.29

4.4.30

4.4.31

4.4.32

4.4.33

4.4.34

4.4.35

4.4.36

4.4.37

4.4.38

4.4.39

4.4.40

4.4.41

4.4.42

4.4.43

4.4.44

4.4.45

4.4.46

4.4.47

4.4.48

4.4.49

4.4.50

4.4.51

4.4.52

4.4.53

4.4.54

4.4.55

4.5.13

4.5.14

4.6.0

4.6.1

4.6.10

4.6.11

4.6.12

4.6.13

4.6.14

4.6.2

4.6.3

4.6.4

4.6.5

4.6.6

4.6.7

4.6.8

4.6.9

4.7.0

4.7.0-RC1

4.7.0-RC2

4.7.0-RC3

4.7.0-RC4

4.7.1

4.7.2

4.7.3

4.7.4

4.7.5

4.7.6

4.7.7

4.8.0

4.8.0-RC1

4.8.0-RC2

4.8.1

4.8.2

4.8.3

4.8.4

4.8.5

4.8.6

4.8.7

4.8.8

4.9.0

4.9.0-RC1

4.9.0-RC2

4.9.1

4.9.10

4.9.11

4.9.12

4.9.13

4.9.14

4.9.15

4.9.16

4.9.17

4.9.18

4.9.19

4.9.2

4.9.20

4.9.21

4.9.22

4.9.23

4.9.24

4.9.25

4.9.26

4.9.27

4.9.28

4.9.29

4.9.3

4.9.30

4.9.31

4.9.32

4.9.33

4.9.34

4.9.35

4.9.36

4.9.37

4.9.38

4.9.39

4.9.4

4.9.40

4.9.41

4.9.5

4.9.6

4.9.7

4.9.8

4.9.9

5.*

5.0.0

5.0.0-RC1

5.0.0-RC2

5.0.0-RC3

5.0.0-RC4

5.0.1

5.0.10

5.0.2

5.0.3

5.0.4

5.0.5

5.0.6

5.0.7

5.0.8

5.0.9

5.1.0

5.1.0-RC1

5.1.0-RC2

5.1.0-RC3

5.1.1

5.1.10

5.1.11

5.1.2

5.1.3

5.1.4

5.1.5

5.1.6

5.1.7

5.1.8

5.1.9

5.2.0

5.2.0-RC1

5.2.0-RC2

5.2.0-RC3

5.2.0-RC4

5.2.0-RC5

5.2.0-RC6

5.2.1

5.2.10

5.2.2

5.2.3

5.2.4

5.2.5

5.2.6

5.2.7

5.2.8

5.2.9

5.3.0

5.3.0-RC1

5.3.0-RC2

5.3.0-RC3

5.3.0-RC4

5.3.1

5.3.10

5.3.11

5.3.12

5.3.13

5.3.14

5.3.15

5.3.16

5.3.17

5.3.18

5.3.19

5.3.2

5.3.20

5.3.21

5.3.22

5.3.23

5.3.24

5.3.25

5.3.26

5.3.27

5.3.28

5.3.29

5.3.3

5.3.30

5.3.31

5.3.32

5.3.33

5.3.34

5.3.35

5.3.36

5.3.37

5.3.4

5.3.5

5.3.6

5.3.7

5.3.8

5.3.9