GHSA-W6J6-W6JX-VF2R Concrete CMS Stored XSS in getAttributeSetName

Concrete CMS versions 9 through 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in getAttributeSetName. A rogue administrator could inject malicious code...

Concrete CMS Stored XSS in getAttributeSetName

Concrete CMS versions 9 through 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in getAttributeSetName. A rogue administrator could inject malicious code...

CVE-2024-7394

Concrete CMS versions 9 through 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in getAttributeSetName. A rogue administrator could inject malicious code. The Concrete CMS team gave this a CVSS v4.0 rank of 4.6 with vector...

CVE-2024-7394 Concrete CMS version 9.0.0 through 9.3.2 and below 8.5.18 - Stored XSS in getAttributeSetName()

Concrete CMS versions 9 through 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in getAttributeSetName. A rogue administrator could inject malicious code. The Concrete CMS team gave this a CVSS v4.0 rank of 4.6 with vector...

Concrete CMS 跨站脚本漏洞

Concrete CMS is Concrete CMS open source a team-oriented open source content management system . Concrete CMS cross-site scripting vulnerability , the vulnerability stems from the getAttributeSetName function of the user-supplied data lack of effective filtering and escaping , an attacker can...

PT-2024-38321 · Unknown · Concrete Cms

Name of the Vulnerable Software and Affected Versions: Concrete CMS versions 9 through 9.3.2 Concrete CMS versions below 8.5.18 Description: The issue concerns a Stored XSS vulnerability in the getAttributeSetName function. A rogue administrator could inject malicious code. Recommendations: For...