2 matches found
CVE-2026-8340
Concrete CMS 9.5.0 and below is vulnerable to CSRF via Backend\File::approveVersion, enabling a user with edit_file_contents to publish an attacker‑chosen version (downgrade or publish an unpublished co-editor version). The entry provides CVSS v4.0 base score 2.3 (low) with network attack vector ...
Nextcloud Security Breach
Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server that stems from the ability of a malicious user to send a delete request to delete an older version of ...