CVE-2026-8432 | Concrete CMS up to 9.4.x file star cross-site request forgery

Inserito da Angelo Barbosa | Mag 22, 2026 | CVE

A vulnerability identified as problematic has been detected in Concrete CMS up to 9.4.x. This impacts the function star of the file concrete/controllers/backend/file. This manipulation causes cross-site request forgery.

This vulnerability appears as CVE-2026-8432. The attack may be initiated remotely. There is no available exploit.

You should upgrade the affected component.

CVE-2026-8432 | Concrete CMS up to 9.4.x file star cross-site request forgery

Post correlati

CVE-2025-1907 | Instantel Micromate 3.1/9.8 missing authentication (icsa-25-148-04)

CVE-2024-48916 | Ceph RadosGW encryption algorithm improper authentication

CVE-2023-6615 | Typecho 1.2.1 /admin/manage-users.php page information disclosure

CVE-2026-7685 | Edimax BR-6208AC up to 1.02 /goform/setWAN pptpDfGateway buffer overflow