[MEDIUM] Concrete CMS vulnerable to cross-site scripting (XSS)

PKSA-zfst-2q3w-cvh1 CVE-2017-7725 GHSA-2mvg-c6mg-3q63

Affected package: concrete5/concrete5

Affected version: <=8.1.0

Reported by:
GitHub