Contao >=4.0.0 allows backend XSS via HTML attributes to an HTML field. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Azure Sphere Information Disclosure Vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.
Azure CycleCloud Elevation of Privilege Vulnerability. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.