Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.9 views

CVE-2026-8337

Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a way that both public and private surveys are present on the site. An unauthenticated attacker can vote in the restricted survey by submitting the restricted optionID throu...

6.3CVSS5.3AI score0.00194EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/21 11:45 p.m.12 views

Authorization Bypass Through User-Controlled Key

Overview concrete5/concrete5 is a concrete5 open source CMS. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the surveys process. An attacker can gain unauthorized access to restricted survey functionality by submitting a restricted option ...

6.3CVSS5.7AI score0.00194EPSS
Exploits0References2
CVE
CVE
added 2026/05/21 9:13 p.m.20 views

CVE-2026-8337

Concrete CMS

6.3CVSS5.8AI score0.00194EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/21 9:13 p.m.8 views

CVE-2026-8337

Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a way that both public and private surveys are present on the site. An unauthenticated attacker can vote in the restricted survey by submitting the restricted optionID throu...

6.3CVSS5.8AI score0.00194EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.6 views

REDCap 跨站脚本漏洞

REDCap is a data collection and management web application from the REDCap open source. A cross-site scripting vulnerability exists in REDCap version 13.1.9, which stems from a stored cross-site scripting vulnerability in the Public Surveys feature, and could lead to the execution of arbitrary we...

5.4CVSS5.7AI score0.00409EPSS
Exploits3References5
Rows per page
Query Builder