CVE-2023-48651 | Concrete CMS up to 9.2.2 submit cross-site request forgery

Inserito da Angelo Barbosa | Dic 25, 2023 | CVE

A vulnerability, which was classified as problematic, has been found in Concrete CMS up to 9.2.2. Affected by this issue is some unknown functionality of the file /ccm/system/dialogs/file/delete/1/submit. The manipulation leads to cross-site request forgery.

This vulnerability is handled as CVE-2023-48651. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-48651 | Concrete CMS up to 9.2.2 submit cross-site request forgery

Post correlati

CVE-2023-6495 | YARPP Plugin up to 5.30.9 on WordPress cross site scripting

CVE-2023-6324 | ThroughTek Kalay SDK up to 3.1.10.16/3.3.6.1/3.4.7.3/4.3.3.1 PSK Identity uninitialized variable

CVE-2024-30539 | Awesome Support Team Awesome Support Plugin up to 6.1.7 on WordPress authorization

CVE-2023-46186 | IBM Jazz for Service Management 1.1.3.20 direct request (XFDB-269929)