Security Advisory

CVE-2021-28145

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-03-18 15:44:02

Last updated 2024-08-03 21:33:17

Assigner mitre

State PUBLISHED

Description

Concrete CMS (formerly concrete5) before 8.5.5 allows remote authenticated users to conduct XSS attacks via a crafted survey block. This requires at least Editor privileges.

← Browse all CVEs View on cve.org ↗