4 matches found
CVE-2023-28820
creationtimestamp| type| source ---|---|--- 2023-04-28 18:27:32+00:00| seen| https://t.me/cibsecurity/63067 2025-02-01 17:28:11+00:00| seen| Telegram/GbWGycXo8cCo1MJdf13xL5aBcZPpEJv9mw9aRrfcBfVJDUF...
CVE-2023-28820
Concrete CMS previously concrete5 before 9.1 is vulnerable to stored XSS in RSS Displayer via the href attribute because the link element input was not sanitized...
CVE-2023-28820
Concrete CMS previously concrete5 before 9.1 is vulnerable to stored XSS in RSS Displayer via the href attribute because the link element input was not sanitized...
CVE-2023-28820
Concrete CMS (formerly concrete5) before 9.1 is vulnerable to stored XSS in the RSS Displayer via the href attribute because the link element input was not sanitized. The root cause is unsanitized input in the RSS Displayer, allowing injection of JavaScript in the browser (stored XSS). Affected p...