CVE-2023-49337
Concrete CMS before 9.2.3 is vulnerable to Stored XSS on the Admin Dashboard via /dashboard/system/basics/name due to input handling in that endpoint. The issue affects Concrete CMS versions prior to 9.2.3; 8.5 and earlier are unaffected. Multiple sources (including Red Hat, NVD/CVE records, and ...