concrete5/concrete5 Security Advisories for 9.2.6 (6)
-
[LOW] Concrete CMS Stored XSS in the Search Field
PKSA-n81q-nvhs-j5xh CVE-2024-3181 GHSA-qgm9-rxmq-jxmq
Affected version: <8.5.16|>=9.0.0RC1,<9.2.8
Reported by:
GitHub -
[LOW] Concrete CMS Stored XSS in blocks of type file
PKSA-jkfn-dm68-h74g CVE-2024-3180 GHSA-9qhc-pg6j-wf23
Affected version: <8.5.16|>=9.0.0RC1,<9.2.8
Reported by:
GitHub -
[LOW] Concrete CMS Stored XSS in the Custom Class page editing
PKSA-9d3h-dqyn-p3hg CVE-2024-3179 GHSA-r7q4-cw9r-vhp4
Affected version: <8.5.16|>=9.0.0RC1,<9.2.8
Reported by:
GitHub -
[LOW] Concrete CMS Cross-site Scripting (XSS) in the Advanced File Search Filter
PKSA-7yvb-1h2z-t44j CVE-2024-3178 GHSA-xwrh-qxmc-x8c8
Affected version: <8.5.16|>=9.0.0RC1,<9.2.8
Reported by:
GitHub -
[LOW] Concrete CMS Stored XSS on the calendar color settings screen
PKSA-637y-63mx-s8kt CVE-2024-2753 GHSA-pj42-r64f-4xfq
Affected version: <8.5.16|>=9.0.0RC1,<9.2.8
Reported by:
GitHub -
[LOW] Concrete CMS Stored Cross-site Scripting vulnerability
PKSA-xz8s-kt9m-78kn CVE-2024-2179 GHSA-4m7h-34xm-4wjv
Affected version: <9.2.7
Reported by:
GitHub