Lucene search
+L

8 matches found

redhatcve
redhatcve
added 2026/06/05 7:24 p.m.9 views

CVE-2026-8239

Concrete CMS 9.5.0 and below is vulnerable to IDOR. The '/ccm/frontend/conversations/getrating' endpoint confirms existence and returns rating score for any message by ID. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 6.3 with Vector...

6.3CVSS5.5AI score0.00195EPSS
Exploits0References1
euvd
euvd
added 2026/05/22 12:31 a.m.17 views

EUVD-2026-31349

Concrete CMS 9.5.0 and below is vulnerable to IDOR. The '/ccm/frontend/conversations/getrating' endpoint confirms existence and returns rating score for any message by ID. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 6.3 with...

6.3CVSS5.8AI score0.00195EPSS
Exploits0References2
nvd
nvd
added 2026/05/21 10:16 p.m.15 views

CVE-2026-8239

Concrete CMS 9.5.0 and below is vulnerable to IDOR. The '/ccm/frontend/conversations/getrating' endpoint confirms existence and returns rating score for any message by ID. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 6.3 with...

6.3CVSS0.00195EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/21 9:0 p.m.8 views

CVE-2026-8239

Concrete CMS 9.5.0 and below is vulnerable to IDOR. The '/ccm/frontend/conversations/getrating' endpoint confirms existence and returns rating score for any message by ID. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 6.3 with...

6.3CVSS5.8AI score0.00195EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/05/21 9:0 p.m.7 views

CVE-2026-8239 Concrete CMS 9.5.0 and below is vulnerable to IDOR in '/ccm/frontend/conversations/get_rating'

Concrete CMS 9.5.0 and below is vulnerable to IDOR. The '/ccm/frontend/conversations/getrating' endpoint confirms existence and returns rating score for any message by ID. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 6.3 with...

6.3CVSS5.8AI score0.00195EPSS
Exploits0References1
cve
cve
added 2026/05/21 9:0 p.m.24 views

CVE-2026-8239

Concrete CMS

6.3CVSS5.8AI score0.00195EPSS
Exploits0References1Affected Software1
osv
osv
added 2026/05/21 9:0 p.m.3 views

CVE-2026-8239 Concrete CMS 9.5.0 and below is vulnerable to IDOR in '/ccm/frontend/conversations/get_rating'

Concrete CMS 9.5.0 and below is vulnerable to IDOR. The '/ccm/frontend/conversations/getrating' endpoint confirms existence and returns rating score for any message by ID. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 6.3 with...

6.3CVSS5.9AI score0.00195EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/05/21 12:0 a.m.14 views

PT-2026-42561

Name of the Vulnerable Software and Affected Versions Concrete CMS versions prior to 9.5.1 Description An Insecure Direct Object Reference IDOR exists where the '/ccm/frontend/conversations/get rating' endpoint confirms the existence of and returns the rating score for any message by ID. IDOR is ...

6.3CVSS5.8AI score0.00195EPSS
Exploits0References3
Rows per page
Query Builder