Lucene search

CVE-2023-48649

🗓️ 17 Nov 2023 04:07:15Reported by mitreType

Concrete CMS vulnerability - stored XSS via uploaded file nam

Reporter	Title	Published	Views	Family All 9
Vulnrichment	CVE-2023-48649	17 Nov 202300:00	–	vulnrichment
Prion	Design/Logic Flaw	17 Nov 202304:15	–	prion
OSV	CVE-2023-48649	17 Nov 202304:15	–	osv
OSV	Concrete CMS Cross-site Scripting vulnerability	17 Nov 202306:31	–	osv
CNVD	PortlandLabs Concrete CMS Cross-Site Scripting Vulnerability (CNVD-2023-101446)	21 Nov 202300:00	–	cnvd
Veracode	Cross-Site Scripting(XSS)	17 Nov 202309:35	–	veracode
NVD	CVE-2023-48649	17 Nov 202304:15	–	nvd
Github Security Blog	Concrete CMS Cross-site Scripting vulnerability	17 Nov 202306:31	–	github
Cvelist	CVE-2023-48649	17 Nov 202300:00	–	cvelist

Nvd

Node

concretecms concrete_cmsRange<8.5.13

concretecms concrete_cmsRange9.0–9.2.2

Source	Link
github	www.github.com/concretecms/concretecms/pull/11695
documentation	www.documentation.concretecms.org/developers/introduction/version-history/922-release-notes
github	www.github.com/concretecms/concretecms/pull/11739
documentation	www.documentation.concretecms.org/developers/introduction/version-history/8513-release-notes
concretecms	www.concretecms.org/about/project-news/security/2023-11-09-security-blog-about-updated-cves-and-new-release

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

17 Nov 2023 04:15Current

5.2Medium risk

Vulners AI Score5.2

CVSS33.5 - 5.4

EPSS0.00074

SSVC

CWE-79