[LOW] Concrete CMS vulnerable to Cross-Site Request Forgery (CSRF)

PKSA-46yc-bd63-xkv6 CVE-2026-2994 GHSA-6mxw-2vhf-42g5

Affected package: concrete5/concrete5

Affected version: <9.4.8

Reported by:
GitHub