Contao news

Contao Open Source CMS news feed

Security vulnerability CVE-2018-20028

CVE-2018-20028 identifies a security vulnerability in Contao, which allows logged in back end users to view records that have not been enabled for them.

Contao Manager 1.1.0 is available

Contao Manager version 1.1.0 is available. The release contains a new System Recovery feature, advanced installation options and improved package search results.

Security vulnerability CVE-2018-17057

CVE-2018-17057 identifies a security vulnerability in TCPDF, which also affects Contao.

Contao 3.5.36 is available

Contao version 3.5.36 is available. The bugfix release fixes a code execution vulnerability when generating PDFs (CVE-2018-17057).

Contao 4.6.0 is available

Contao version 4.6.0 is available. The release contains new features such as 2-factor authentication in the back end, drag and drop in the file manager, extended video support and automatic cache invalidation.

Contao 4.5.10 is available

Contao version 4.5.10 is available. The bugfix release restores the compatibility with Symfony 3.4.12.

Contao 4.4.20 is available

Contao version 4.4.20 is available. The bugfix release restores the compatibility with Symfony 3.4.12.

Contao 4.5.9 is available

Contao version 4.5.9 is available. The bugfix release fixes several minor problems and optimizes the RAM usage when generating XML sitemaps.

Contao 4.4.19 is available

Contao version 4.4.19 is available. The bugfix release fixes several minor problems and optimizes the RAM usage when generating XML sitemaps.

Contao 4.5.8 is available

Contao version 4.5.8 is available. The bugfix release fixes an XSS vulnerability in the system log of the back end (CVE-2018-10125).