PT-2024-17603 · Unknown · Concrete Cms
Name of the Vulnerable Software and Affected Versions: Concrete CMS versions 9 through 9.2.4 Description: The issue is related to insufficient validation of administrator-provided data in the Image URL Import Feature, allowing a rogue administrator to inject malicious code when importing images...