Lucene search

CVE-2022-43688

🗓️ 14 Nov 2022 23:12:15Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 7 Media mentions👁 55 Views

Concrete CMS (formerly concrete5) 8.5.10 and 9.0.0 - 9.1.2 Stored XSS in icons. Update to 9.1.3+ or 8.5.10+

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
NVD	CVE-2022-43688	14 Nov 202223:15	–	nvd
Veracode	Cross-Site Scripting (XSS)	16 Nov 202207:30	–	veracode
Cvelist	CVE-2022-43688	14 Nov 202200:00	–	cvelist
Prion	Cross site scripting	14 Nov 202223:15	–	prion
OSV	CVE-2022-43688	14 Nov 202223:15	–	osv
OSV	GHSA-9JC5-9WH5-MC36 Concrete CMS vulnerable to Cross-site Scripting	15 Nov 202212:00	–	osv
Github Security Blog	Concrete CMS vulnerable to Cross-site Scripting	15 Nov 202212:00	–	github

Nvd

Node

concretecms concrete_cmsRange<8.5.10

concretecms concrete_cmsRange9.0.0–9.1.2

Source	Link
concretecms	www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2022-10-31
documentation	www.documentation.concretecms.org/developers/introduction/version-history/913-release-notes
github	www.github.com/concretecms/concretecms/releases/9.1.3
documentation	www.documentation.concretecms.org/developers/introduction/version-history/8510-release-notes
github	www.github.com/concretecms/concretecms/releases/8.5.10

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 Nov 2022 23:15Current

4.7Medium risk

Vulners AI Score4.7

CVSS34.8

EPSS0.00176

CWE-79