Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-28820

Disclosure Date: April 28, 2023 (last updated October 08, 2023)
Concrete CMS (previously concrete5) before 9.1 is vulnerable to stored XSS in RSS Displayer via the href attribute because the link element input was not sanitized.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0