[MEDIUM] Contao affected by insert tag injection via canonical URL

PKSA-8psg-sb44-9n6y CVE-2024-45612 GHSA-2xpq-xp6c-5mgj

Affected package: contao/core-bundle

Affected version: >=5.4.0,<5.4.3|>=5.0.0,<5.3.15|>=4.13.0,<4.13.49

Reported by:
GitHub