CVE-2021-40101

Publication date

2021-11-30 19:38:32

Family

mitre

State

PUBLISHED

Description

An issue was discovered in Concrete CMS before 8.5.7. The Dashboard allows a users password to be changed without a prompt for the current password.