CVE-2023-49337 | Concrete CMS up to 9.2.2 Admin Dashboard name cross site scripting

Posted by Angelo Barbosa | Dec 25, 2023 | CVE

A vulnerability, which was classified as problematic, was found in Concrete CMS up to 9.2.2. This affects an unknown part of the file /dashboard/system/basics/name of the component Admin Dashboard. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2023-49337. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-49337 | Concrete CMS up to 9.2.2 Admin Dashboard name cross site scripting

Related Posts

CVE-2024-2506 | Popup Builder Plugin up to 4.2.7 on WordPress cross site scripting

CVE-2023-46498 | EverShop NPM up to 1.0.0-rc.7 route.json information disclosure

CVE-2024-2569 | SourceCodester Employee Task Management System 1.0 /admin-manage-user.php redirect

CVE-2024-6582 | lunary-ai lunary up to 1.4.8 Setting saml.ts access control