Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-23659

Malicious code in bioql PyPI...

4.8CVSS6.3AI score0.00421EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/08/07 11:31 p.m.9 views

CVE-2025-8573

Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored XSS from Home Folder on Members Dashboard page. Version 8 was not affected. A rogue admin could set up a malicious folder containing XSS to which users could be directed upon login. The Concrete CMS security team gave this vulnerabili...

4.8CVSS5.5AI score0.00421EPSS
Exploits1References1
Snyk
Snyk
added 2025/08/06 12:30 a.m.7 views

Cross-site Scripting (XSS)

Overview concrete5/concrete5 is a concrete5 open source CMS. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Home Folder process on the Members Dashboard page. An attacker can execute arbitrary scripts in the context of another user's session by setting up a...

4.8CVSS5.5AI score0.00421EPSS
Exploits1References2
OSV
OSV
added 2025/08/06 12:30 a.m.7 views

GHSA-C5XF-RMV4-J85H Concrete CMS is vulnerable to Stored XSS from Home Folder on Members Dashboard page

Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored XSS from Home Folder on Members Dashboard page. Version 8 was not affected. A rogue admin could set up a malicious folder containing XSS to which users could be directed upon login...

2CVSS5.3AI score0.00421EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2025/08/06 12:30 a.m.10 views

Concrete CMS is vulnerable to Stored XSS from Home Folder on Members Dashboard page

Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored XSS from Home Folder on Members Dashboard page. Version 8 was not affected. A rogue admin could set up a malicious folder containing XSS to which users could be directed upon login...

4.8CVSS5.3AI score0.00421EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2025/08/05 11:15 p.m.13 views

CVE-2025-8573

Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored XSS from Home Folder on Members Dashboard page. Version 8 was not affected. A rogue admin could set up a malicious folder containing XSS to which users could be directed upon login. The Concrete CMS security team gave this...

4.8CVSS0.00421EPSS
Exploits1References2
OSV
OSV
added 2025/08/05 11:15 p.m.7 views

CVE-2025-8573

Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored XSS from Home Folder on Members Dashboard page. Version 8 was not affected. A rogue admin could set up a malicious folder containing XSS to which users could be directed upon login. The Concrete CMS security team gave this...

4.8CVSS6AI score
Exploits0References2
Cvelist
Cvelist
added 2025/08/05 10:36 p.m.10 views

CVE-2025-8573 Concrete CMS 9 through 9.4.2 is vulnerable to Stored XSS from Home Folder on Members Dashboard page

Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored XSS from Home Folder on Members Dashboard page. Version 8 was not affected. A rogue admin could set up a malicious folder containing XSS to which users could be directed upon login. The Concrete CMS security team gave this...

2CVSS0.00421EPSS
Exploits1References2
CVE
CVE
added 2025/08/05 10:36 p.m.33 views

CVE-2025-8573

Concrete CMS versions 9 through 9.4.2 are affected by a Stored XSS in the Home Folder on the Members Dashboard page. An administrator could create a malicious folder whose XSS payload is triggered when users are directed there upon login. Version 8 is not affected. Remediation observed in the con...

4.8CVSS5.5AI score0.00421EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/05 10:36 p.m.7 views

CVE-2025-8573 Concrete CMS 9 through 9.4.2 is vulnerable to Stored XSS from Home Folder on Members Dashboard page

Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored XSS from Home Folder on Members Dashboard page. Version 8 was not affected. A rogue admin could set up a malicious folder containing XSS to which users could be directed upon login. The Concrete CMS security team gave this...

2CVSS5.5AI score0.00421EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/08/05 12:0 a.m.5 views

Concrete CMS 安全漏洞

Concrete CMS is a team-oriented open source content management system from Concrete CMS Open Source. A security vulnerability exists in Concrete CMS versions 9 through 9.4.2, which stems from a stored cross-site scripting vulnerability in the Members Dashboard page...

4.8CVSS5.8AI score0.00421EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.15 views

PT-2025-31998 · Unknown · Concrete Cms

Name of the Vulnerable Software and Affected Versions: Concrete CMS versions 9 through 9.4.2 Description: Concrete CMS versions 9 through 9.4.2 are susceptible to Stored Cross-Site Scripting XSS originating from the Home Folder on the Members Dashboard page. A malicious administrator could...

2CVSS4.9AI score0.00421EPSS
Exploits1References11
Rows per page
Query Builder