[MEDIUM] Concrete CMS vulnerable to Reflected Cross-Site Scripting via dashboard icons

PKSA-dbw1-h9nz-f1xn CVE-2022-43968 GHSA-8782-xgh5-r7mv

Affected package: concrete5/concrete5

Affected version: >=9.0.0,<9.1.3|<8.5.10

Reported by:
GitHub