[LOW] Concrete CMS vulnerable to reflected XSS via the Image URL Import Feature

PKSA-mg7v-tf5z-216y CVE-2024-1246 GHSA-9v3w-cj7m-qh5g

Affected package: concrete5/concrete5

Affected version: >=9.0.0RC1,<9.2.5

Reported by:
GitHub