CVE-2021-40100

CVE-2021-40100

EPSS 0.5%

An issue was discovered in Concrete CMS through 8.5.5. Stored XSS can occur in Conversations when the Active Conversation Editor is set to Rich Text.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://documentation.concretecms.org/developers/introduction/version-history/856-release-notes https://hackerone.com/reports/616770