PT-2024-17599 · Unknown · Concrete Cms
Name of the Vulnerable Software and Affected Versions: Concrete CMS version 9 before 9.2.5 Description: The issue concerns stored XSS in file tags and description attributes. Administrator-entered file attributes are not sufficiently sanitized in the Edit Attributes page, allowing a rogue...