Security Advisory

CVE-2023-28475

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-04-28 00:00:00

Last updated 2024-08-02 12:38:25

Assigner mitre

State PUBLISHED

Description

Concrete CMS (previously concrete5) versions 8.5.12 and below, and versions 9.0 through 9.1.3 is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized.

← Browse all CVEs View on cve.org ↗