PKSA-mg7v-tf5z-216y Security Advisory
-
[LOW] Concrete CMS vulnerable to reflected XSS via the Image URL Import Feature
PKSA-mg7v-tf5z-216y CVE-2024-1246 GHSA-9v3w-cj7m-qh5g
Affected package: concrete5/concrete5
Affected version: >=9.0.0RC1,<9.2.5
Reported by:
GitHub