5.4
CVSSv3

CVE-2023-28819

Published: 28/04/2023 Updated: 06/12/2023
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 0

Vulnerability Summary

Concrete CMS (previously concrete5) versions 8.5.12 and below, 9.0.0 up to and including 9.0.2 is vulnerable to Stored XSS in uploaded file and folder names.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

concretecms concrete cms