Security Advisories - PKSA-yfdn-spkq-2jww - Packagist

PKSA-yfdn-spkq-2jww Security Advisory

[LOW] Concrete CMS (previously concrete5) is vulnerable to stored XSS in uploaded file and folder names

PKSA-yfdn-spkq-2jww CVE-2023-28819 GHSA-474f-mcjv-pgrm

Affected package: concrete5/concrete5

Affected version: <9.1.0

Reported by:
GitHub