CVE-2026-8238 | Concrete CMS up to 9.5.0 Conversation Message message_page authorization

Inserito da Angelo Barbosa | Mag 22, 2026 | CVE

A vulnerability classified as problematic was found in Concrete CMS up to 9.5.0. Impacted is an unknown function of the file /ccm/frontend/conversations/message_page of the component Conversation Message Handler. The manipulation results in missing authorization.

This vulnerability is identified as CVE-2026-8238. The attack can be executed remotely. There is not any exploit available.

CVE-2026-8238 | Concrete CMS up to 9.5.0 Conversation Message message_page authorization

Post correlati

CVE-2025-40040 | Linux Kernel up to 6.6.113/6.12.54/6.17.2 ksm userfaultfd_release_all denial of service

CVE-2026-4220 | Technologies Integrated Management Platform 7.17.0 /SetWebpagePic.jsp targetPath/Suffix unrestricted upload

CVE-2026-6002 | DivvyDrive 4.8.2.15 cross site scripting

CVE-2024-6100 | Google Chrome up to 126.0.6478.54 V8 type confusion