Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 up to and including 9.1.3 is vulnerable to stored XSS on API Integrations via the name parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
concretecms concrete cms |