An issue exists in Concrete CMS up to and including 8.5.5. Stored XSS can occur in Conversations when the Active Conversation Editor is set to Rich Text.