CVE-2026-7882 | Concrete CMS up to 9.5.0 File Deletion Endpoint cross-site request forgery

Inserito da Angelo Barbosa | Mag 22, 2026 | CVE

A vulnerability has been found in Concrete CMS up to 9.5.0 and classified as problematic. This affects an unknown function of the component File Deletion Endpoint. Performing a manipulation results in cross-site request forgery.

This vulnerability is cataloged as CVE-2026-7882. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-7882 | Concrete CMS up to 9.5.0 File Deletion Endpoint cross-site request forgery

Post correlati

CVE-2025-5861 | Tenda AC7 15.03.06.44 /goform/AdvSetLanip fromadvsetlanip lanMask buffer overflow

CVE-2024-10766 | Codezips Free Exam Hall Seating Management System 1.0 /pages/save_user.php image unrestricted upload

CVE-2024-42495 | Hughes Network Systems WL3000 Fusion Software prior 2.7.0.10 missing encryption (icsa-24-249-01)

CVE-2024-45590 | expressjs body-parser up to 1.20.2 amplification (GHSA-qwcr-r2fm-qrc7)