CVE-2015-3989
CVE-2015-3989 describes multiple cross-site scripting (XSS) vulnerabilities in concrete5 prior to 5.7.4. The issues allow remote attackers to inject arbitrary web script or HTML via vectors including private messages or other unspecified paths. The consolidated sources state affected software is ...