2 matches found
CVE-2022-43692
CVE-2022-43692 affects Concrete CMS (formerly concrete5). The vulnerability is a Reflected XSS in versions prior to 8.5.10 and in 9.0.0–9.1.2, where an attacker can cause an administrator to trigger reflected XSS via a crafted URL if the admin uses a browser lacking XSS protection. Root cause: in...
CVE-2022-43692
Concrete CMS formerly concrete5 below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS - user can cause an administrator to trigger reflected XSS with a url if the targeted administrator is using an old browser that lacks XSS protection. Remediate by updating to Concrete CMS 9.1....