[MEDIUM] Cross-site scripting (XSS) vulnerability in the system log of the back end

PKSA-2h4f-gdkd-838y CVE-2018-10125 GHSA-pj4j-287j-f742

Affected package: contao/contao

Affected version: >=4.0.0,<4.4.18|>=4.5.0,<4.5.8

Reported by:
FriendsOfPHP/security-advisories, GitHub