Multiple cross-site scripting (XSS) vulnerabilities in concrete5 prior to 5.7.4 allow remote malicious users to inject arbitrary web script or HTML via vectors related to private messages or other unspecified vectors.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
concrete5 concrete5 |
Vulmon