Описание
Stored cross site scripting via container name
Concrete CMS (previously concrete5) before 9.2 is vulnerable to Stored XSS via a container name.
Пакеты
Наименование
concrete5/concrete5
composer
Затронутые версииВерсия исправления
< 9.2.0
9.2.0
Связанные уязвимости
CVSS3: 5.4
nvd
почти 3 года назад
Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS via a container name.