[MEDIUM] Concrete CMS has a stored Cross-site Scripting (XSS) vulnerability

PKSA-r7c6-pnck-sspr CVE-2026-3244 GHSA-mm5f-5rqw-574f

Affected package: concrete5/concrete5

Affected version: <9.4.8

Reported by:
GitHub