[MEDIUM] Concrete CMS vulnerable to Reflected Cross-site Scripting via image manipulation library

PKSA-87pj-7s23-xmy4 CVE-2022-43694 GHSA-jfmc-3975-fv5f

Affected package: concrete5/concrete5

Affected version: >=9.0.0,<9.1.3|<8.5.10

Reported by:
GitHub