CVE-2023-44764

CVE-2023-44764

EPSS 0.5%

A Cross Site Scripting (XSS) vulnerability in Concrete CMS before 9.2.3 exists via the Name parameter during installation (aka Site of Installation or Settings).

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://documentation.concretecms.org/developers/introduction/version-history/923-release-notes https://github.com/sromanhu/ConcreteCMS-Stored-XSS---Site_Installation