CVE-2022-30118
CVE-2022-30118 involves Cross‑Site Scripting in PortlandLabs Concrete CMS. The vulnerability lies in the /dashboard/system/express/entities/forms/save_control/[GUID] path where old browsers, specifically Internet Explorer with XSS protection disabled, can edit a form control in Concrete 8.5.7 and...