CVE-2019-10643: Confirming an opt-in token does not invalidate previous opt-in tokens

Severity: Critical

CVSS Score: 9.8

Contao 4.7 allows Use of a Key Past its Expiration Date.