Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS versions affected to 8.5.13 and below, and 9.0.0 up to and including 9.2.1 allow a local malicious user to execute arbitrary code via a crafted script to the Forms of the Data objects.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
concretecms concrete cms 9.2.1 |