PortlandLabs Concrete Cms is a team-oriented open source content management system from PortlandLabs, Inc. A cross-site request forgery vulnerability exists in PortlandLabs Concrete CMS, which stems from the product’s log dialog box adding a save endpoint without validating the CCM token. An attacker could send an unintended request to the server through this vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
portlandlabs concrete cms | le | 8.5.5 |