CVE-2026-8432 | Concrete CMS up to 9.4.x file star cross-site request forgery

Inserito da Angelo Barbosa | Mag 22, 2026 | CVE

A vulnerability identified as problematic has been detected in Concrete CMS up to 9.4.x. This impacts the function star of the file concrete/controllers/backend/file. This manipulation causes cross-site request forgery.

This vulnerability appears as CVE-2026-8432. The attack may be initiated remotely. There is no available exploit.

You should upgrade the affected component.

CVE-2026-8432 | Concrete CMS up to 9.4.x file star cross-site request forgery

Post correlati

CVE-2024-37868 | itsourcecode Online Discussion Forum 1.0 sendreply.php image unrestricted upload

CVE-2024-4479 | Jeg Elementor Kit Plugin up to 2.6.5 on WordPress Accordion Widgets cross site scripting

CVE-2023-40070 | Intel Power Gadget Software on macOS access control (intel-sa-01037)

CVE-2025-29689 | hailey888 oa_system prior 2025.01.01 MailController.java Password cross site scripting