CVE-2022-30120
Concrete CMS is affected by a cross-site scripting (XSS) issue in /dashboard/blocks/stacks/view_details/. The root cause is insufficient sanitation of built URLs output in that path, impacting Concrete 8.5.7 and below and Concrete 9.0–9.0.2. The vulnerability cannot be exploited in modern browser...