CVE-2026-8340 | Concrete CMS up to 9.5.0 edit_file_contents cross-site request forgery

Inserito da Angelo Barbosa | Mag 22, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Concrete CMS up to 9.5.0. Impacted is the function edit_file_contents. Performing a manipulation results in cross-site request forgery.

This vulnerability is known as CVE-2026-8340. Remote exploitation of the attack is possible. No exploit is available.

CVE-2026-8340 | Concrete CMS up to 9.5.0 edit_file_contents cross-site request forgery

Post correlati

CVE-2024-27791 | Apple iOS/iPadOS App memory corruption

CVE-2026-24676 | FreeRDP up to 3.21.x audio_format_compatible use after free (GHSA-qh5p-frq4-pgxj)

CVE-2025-13856 | Extra Post Images Plugin up to 1.0 on WordPress Shortcode ID cross site scripting

CVE-2025-14199 | Verysync 微力同步 up to 2.21.3 Web Administration text.txt?override=false unrestricted upload