Описание
Stored cross site scripting on tags
Concrete CMS (previously concrete5) before 9.2 is vulnerable to Stored XSS on Tags on uploaded files.
Пакеты
Наименование
concrete5/concrete5
composer
Затронутые версииВерсия исправления
< 9.2.0
9.2.0
Связанные уязвимости
CVSS3: 5.4
nvd
больше 2 лет назад
Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Tags on uploaded files.