Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2021-76080
HistorySep 29, 2021 - 12:00 a.m.

PortlandLabs Concrete CMS Cross-site Request Forgery Vulnerability (CNVD-2021-76080)

2021-09-2900:00:00
China National Vulnerability Database
www.cnvd.org.cn
5

0.001 Low

EPSS

Percentile

31.1%

JSON

PortlandLabs Concrete Cms is a team-oriented open source content management system from PortlandLabs, Inc. A cross-site request forgery vulnerability exists in PortlandLabs Concrete CMS, which stems from the product’s log dialog box adding a save endpoint without validating the CCM token. An attacker could send an unintended request to the server through this vulnerability.

CPENameOperatorVersion
portlandlabs concrete cmsle8.5.5

Related

cve 1
cvelist 1
hackerone 1
prion 1
nvd 1
openvas 1
cve
cve
CVE-2021-40108
2021-09-27 13:15:08
cvelist
cvelist
CVE-2021-40108
2021-09-27 12:01:34
hackerone
hackerone
Concrete CMS: Stored unauth XSS in calendar event via CSRF
2021-02-12 08:43:11
prion
prion
Cross site request forgery (csrf)
2021-09-27 13:15:00
nvd
nvd
CVE-2021-40108
2021-09-27 13:15:08
openvas
openvas
Concrete CMS < 8.5.6 Multiple Vulnerabilities
2021-10-05 00:00:00

0.001 Low

EPSS

Percentile

31.1%

JSON
Related for CNVD-2021-76080
cve1cvelist1hackerone1prion1nvd1openvas1