[MEDIUM] Concrete CMS allows unauthorized access because directories can be created with insecure permissions

PKSA-dg8d-2ptg-hb9j CVE-2023-48648 GHSA-m87h-jxr6-f82w

Affected package: concrete5/concrete5

Affected version: >=9.0.0,<9.2.2|<8.5.13

Reported by:
GitHub