Lucene search
K

PortlandLabs Concrete Cms 跨站请求伪造漏洞

🗓️ 27 Sep 2021 00:00:00Reported by China National Vulnerability Database of Information SecurityType 
cnnvd
 cnnvd
🔗 www.cnnvd.org.cn👁 5 Views

CSRF in Concrete CMS allows unintended requests due to unvalidated tokens in the logging dialog save endpoint.

Related
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2021-40108
27 Sep 202113:15
attackerkb
Circl
CVE-2021-40108
27 Sep 202116:34
circl
CNVD
PortlandLabs Concrete CMS Cross-Site Request Forgery Vulnerability (CNVD-2021-76080)
29 Sep 202100:00
cnvd
CVE
CVE-2021-40108
27 Sep 202112:01
cve
Cvelist
CVE-2021-40108
27 Sep 202112:01
cvelist
EUVD
EUVD-2021-27297
7 Oct 202500:30
euvd
Hacker One
Concrete CMS: Stored unauth XSS in calendar event via CSRF
12 Feb 202108:43
hackerone
NVD
CVE-2021-40108
27 Sep 202113:15
nvd
OpenVAS
Concrete CMS < 8.5.6 Multiple Vulnerabilities
5 Oct 202100:00
openvas
Prion
Cross site request forgery (csrf)
27 Sep 202113:15
prion
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

23 May 2026 00:00Current
7.8High risk
Vulners AI Score7.8
CVSS 26.8
CVSS 3.18.8
EPSS0.00483
5