3 matches found
EUVD-2021-26463
Malware in sbrugna...
Concrete5 8.5.4 Cross Site Scripting
Exploit Title: Cross site scriptingXSS Author: nu11secur1ty Date: 02.27.2021 Vendor: https://www.concrete5.org/download Link: https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-3111 CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3111 Exploit Place - Navigate to entries...
Cross site scripting
The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboard/express/entries/view/ URI...