PT-2022-27003 · Unknown · Concrete Cms
Name of the Vulnerable Software and Affected Versions: Concrete CMS formerly concrete5 versions below 8.5.10 Concrete CMS formerly concrete5 versions 9.0.0 through 9.1.2 Description: The issue arises when Concrete CMS does not issue a new session ID upon successful OAuth authentication. This can...