10 matches found
Stored cross site scripting on saved presets
Concrete CMS previously concrete5 before 9.2 is vulnerable to Stored XSS on Saved Presets on search...
GHSA-2J26-J953-2RPH Stored cross site scripting on saved presets
Concrete CMS previously concrete5 before 9.2 is vulnerable to Stored XSS on Saved Presets on search...
CVE-2023-28474
Concrete CMS previously concrete5 in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Saved Presets on search...
CVE-2023-28474
Concrete CMS previously concrete5 in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Saved Presets on search...
CVE-2023-28474
Concrete CMS previously concrete5 in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Saved Presets on search...
Design/Logic Flaw
Concrete CMS previously concrete5 in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Saved Presets on search...
CVE-2023-28474
Concrete CMS previously concrete5 in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Saved Presets on search...
CVE-2023-28474
Concrete CMS (formerly concrete5) versions 9.0 through 9.1.3 are affected by a Stored XSS vulnerability in the Saved Presets on search feature. The root cause is lack of proper sanitization when saving presets for search, enabling an attacker to inject script that could be executed in other users...
PT-2023-21744 · Unknown · Concrete Cms
Name of the Vulnerable Software and Affected Versions: Concrete CMS previously concrete5 versions 9.0 through 9.1.3 Concrete CMS previously concrete5 versions prior to 9.2 Description: The issue is related to Stored XSS on Saved Presets on search. This means that an attacker can store malicious...
CVE-2023-28474
Concrete CMS previously concrete5 in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Saved Presets on search...