Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-28477

Disclosure Date: April 28, 2023 (last updated December 06, 2023)
Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 is vulnerable to stored XSS on API Integrations via the name parameter.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0