CVE-2024-3180 | Concrete CMS up to 8.5.15/9.2.7 cross site scripting

Inserito da Angelo Barbosa | Apr 3, 2024 | CVE

A vulnerability classified as problematic has been found in Concrete CMS up to 8.5.15/9.2.7. Affected is an unknown function. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2024-3180. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3180 | Concrete CMS up to 8.5.15/9.2.7 cross site scripting

Post correlati

CVE-2023-49821 | WP Live Chat Plugin up to 4.5.15 on WordPress cross-site request forgery

CVE-2024-20399 | Cisco NX-OS up to 10.4(2) CLI os command injection (cisco-sa-nxos-cmd-injection-xD9OhyOP)

CVE-2023-48356 | Unisoc S8000 JPG Driver out-of-bounds write

CVE-2024-38514 | ChatGPTNextWeb ChatGPT-Next-Web up to 2.12.3 WebDav API Endpoint endpoint server-side request forgery (GHSA-gph5-rx77-3pjg)