4 matches found
EUVD-2022-7408
Malicious code in bioql PyPI...
Authentication flaw
Concrete CMS formerly concrete5 below 8.5.10 and between 9.0.0 and 9.1.2 did not use strict comparison for the legacysalt so that limited authentication bypass could occur if using this functionality. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+...
PortlandLabs Concrete CMS 安全漏洞
PortlandLabs Concrete CMS is a team-oriented open source content management system from PortlandLabs, USA. A security vulnerability exists in Concrete CMS concrete5 versions prior to 8.5.10 and 9.0.0 through 9.1.2, which stems from not using strict comparisons for legacysalt, and a limited...
CVE-2022-43690
Concrete CMS formerly concrete5 below 8.5.10 and between 9.0.0 and 9.1.2 did not use strict comparison for the legacysalt so that limited authentication bypass could occur if using this functionality. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+...