Lucene search
K

7 matches found

Github Security Blog
Github Security Blog
added 2022/05/24 5:44 p.m.22 views

Concrete CMS Cross-site Scripting via Survey Blocks

Concrete CMS formerly concrete5 before 8.5.5 allows remote authenticated users to conduct Cross-site Scripting XSS attacks via a crafted survey block. This requires at least Editor privileges...

5.4CVSS5.1AI score0.00861EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2021/03/19 12:0 a.m.9 views

Concrete CMS Cross-Site Scripting Vulnerability

Concrete CMS is an open source content management system CMS for publishing content on the World Wide Web and intranet. A cross-site scripting vulnerability exists in Concrete CMS versions prior to 8.5.5. A remote authenticated user can exploit this vulnerability via a specially crafted survey...

5.4CVSS5.8AI score0.00861EPSS
Exploits0References1
OSV
OSV
added 2021/03/18 4:15 p.m.2 views

CVE-2021-28145

Concrete CMS formerly concrete5 before 8.5.5 allows remote authenticated users to conduct XSS attacks via a crafted survey block. This requires at least Editor privileges...

5.4CVSS6.1AI score
Exploits0References2
NVD
NVD
added 2021/03/18 4:15 p.m.17 views

CVE-2021-28145

Concrete CMS formerly concrete5 before 8.5.5 allows remote authenticated users to conduct XSS attacks via a crafted survey block. This requires at least Editor privileges...

5.4CVSS0.00861EPSS
Exploits0References2
Prion
Prion
added 2021/03/18 4:15 p.m.16 views

Cross site scripting

Concrete CMS formerly concrete5 before 8.5.5 allows remote authenticated users to conduct XSS attacks via a crafted survey block. This requires at least Editor privileges...

3.5CVSS4.9AI score0.00861EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/03/18 3:44 p.m.25 views

CVE-2021-28145

Concrete CMS formerly concrete5 before 8.5.5 allows remote authenticated users to conduct XSS attacks via a crafted survey block. This requires at least Editor privileges...

5.5AI score0.00861EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/03/18 12:0 a.m.3 views

Portlandlabs Concrete5 跨站脚本漏洞

Concrete CMS is an open source content management system CMS for publishing content on the World Wide Web and intranet. A cross-site scripting vulnerability exists in Concrete CMS versions prior to 8.5.5. A remote authenticated user can exploit this vulnerability via a specially crafted survey...

5.4CVSS5.3AI score0.00861EPSS
Exploits0References3
Rows per page
Query Builder