2 matches found
CVE-2023-48651
CVE-2023-48651 affects Concrete CMS versions before 9.2.3. The vulnerability is a Cross Site Request Forgery (CSRF) in the /ccm/system/dialogs/file/delete/1/submit endpoint due to insufficient request validation. Impact described in connected sources indicates unauthorized actions (file deletion)...
CVE-2023-48651
Concrete CMS 9 before 9.2.3 is vulnerable to Cross Site Request Forgery CSRF at /ccm/system/dialogs/file/delete/1/submit...