Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.8 views

CVE-2026-8204

Concrete CMS 9.5.0 and below is vulnerable to authorization Bypass in the Calendar Event Frontend Dialog which can allow cross-calendar data disclosure. A public calendar block can be used as a pivot point to access private calendar data. The Concrete CMS security team gave this vulnerability a...

6.3CVSS5.4AI score0.00211EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/21 9:30 p.m.4 views

Concrete CMS is vulnerable to authorization bypass in the Calendar Event Frontend Dialog

Concrete CMS 9.5.0 and below is vulnerable to authorization Bypass in the Calendar Event Frontend Dialog which can allow cross-calendar data disclosure. A public calendar block can be used as a pivot point to access private calendar data...

6.3CVSS5.8AI score0.00211EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/21 9:30 p.m.2 views

GHSA-X2FP-HJ8C-MMXH Concrete CMS is vulnerable to authorization bypass in the Calendar Event Frontend Dialog

Concrete CMS 9.5.0 and below is vulnerable to authorization Bypass in the Calendar Event Frontend Dialog which can allow cross-calendar data disclosure. A public calendar block can be used as a pivot point to access private calendar data...

6.3CVSS5.8AI score0.00211EPSS
Exploits0References3
NVD
NVD
added 2026/05/21 9:16 p.m.14 views

CVE-2026-8204

Concrete CMS 9.5.0 and below is vulnerable to authorization Bypass in the Calendar Event Frontend Dialog which can allow cross-calendar data disclosure. A public calendar block can be used as a pivot point to access private calendar data. The Concrete CMS security team gave this vulnerability a...

6.3CVSS0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/21 8:56 p.m.8 views

CVE-2026-8204 Concrete CMS 9.5.0 and below is vulnerable to Authorization Bypass in the Calendar Event Frontend Dialog

Concrete CMS 9.5.0 and below is vulnerable to authorization Bypass in the Calendar Event Frontend Dialog which can allow cross-calendar data disclosure. A public calendar block can be used as a pivot point to access private calendar data. The Concrete CMS security team gave this vulnerability a...

6.3CVSS5.8AI score0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/21 8:56 p.m.12 views

EUVD-2026-31348

Concrete CMS 9.5.0 and below is vulnerable to authorization Bypass in the Calendar Event Frontend Dialog which can allow cross-calendar data disclosure. A public calendar block can be used as a pivot point to access private calendar data. The Concrete CMS security team gave this vulnerability a...

6.3CVSS5.8AI score0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/21 8:56 p.m.31 views

CVE-2026-8204 Concrete CMS 9.5.0 and below is vulnerable to Authorization Bypass in the Calendar Event Frontend Dialog

Concrete CMS 9.5.0 and below is vulnerable to authorization Bypass in the Calendar Event Frontend Dialog which can allow cross-calendar data disclosure. A public calendar block can be used as a pivot point to access private calendar data. The Concrete CMS security team gave this vulnerability a...

6.3CVSS0.00211EPSS
Exploits0References1
CVE
CVE
added 2026/05/21 8:56 p.m.24 views

CVE-2026-8204

Concrete CMS 9.5.0 and earlier versions are vulnerable to an authorization bypass in the Calendar Event Frontend Dialog, enabling potential cross-calendar data disclosure. A public calendar block can be used as a pivot to access private calendar data. The CVSS v4.0 base score is 6.3 (AV:N/AC:L/AT...

6.3CVSS5.8AI score0.00211EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.13 views

PT-2026-42544

Concrete CMS 9.5.0 and below is vulnerable to authorization Bypass in the Calendar Event Frontend Dialog which can allow cross-calendar data disclosure. A public calendar block can be used as a pivot point to access private calendar data. The Concrete CMS security team gave this vulnerability a...

6.3CVSS5.8AI score0.00211EPSS
Exploits0References2
Rows per page
Query Builder