[LOW] Concrete CMS is vulnerable to Stored XSS from Home Folder on Members Dashboard page

PKSA-7cqd-c3g8-fsyk CVE-2025-8573 GHSA-c5xf-rmv4-j85h

Affected package: concrete5/concrete5

Affected version: >=9.0.0RC1,<9.4.3

Reported by:
GitHub