Security Advisories - PKSA-dqg4-bv6y-y9k1 - Packagist

PKSA-dqg4-bv6y-y9k1 Security Advisory

[MEDIUM] PHP file inclusion via insert tags

PKSA-dqg4-bv6y-y9k1 CVE-2021-37626 GHSA-r6mv-ppjc-4hgr

Affected package: contao/core-bundle

Affected version: >=4.0.0,<4.4.56|>=4.5.0,<4.6.0|>=4.6.0,<4.7.0|>=4.7.0,<4.8.0|>=4.8.0,<4.9.0|>=4.9.0,<4.9.18|>=4.10.0,<4.11.0|>=4.11.0,<4.11.7

Reported by:
FriendsOfPHP/security-advisories, GitHub