4 matches found
CVE-2021-41465
Cross-site scripting XSS vulnerability in concrete/elements/collectiontheme.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter...
CVE-2021-41465
Cross-site scripting XSS vulnerability in concrete/elements/collectiontheme.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter...
CVE-2021-41465
Cross-site scripting XSS vulnerability in concrete/elements/collectiontheme.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter...
CVE-2021-41465
CVE-2021-41465 affects concrete5-legacy 5.6.4.0 and earlier. The issue is a cross-site scripting (XSS) vulnerability in the file collection_theme.php , exploitable via the rel parameter, enabling remote attackers to inject arbitrary web script or HTML. The connected documents corroborate the affe...