Vulnerabilities

CVE-2021-3111

by Fred · 08/01/2021

The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboard/express/entries/view/ URI.

Date published : 2021-01-08

http://packetstormsecurity.com/files/161600/Concrete5-8.5.4-Cross-Site-Scripting.html

http://packetstormsecurity.com/files/161997/Concrete5-8.5.4-Cross-Site-Scripting.html

Similar

Tags: Cybersecurity Alert

CVE-2021-3111

Similar

Recent Posts

Categories

CVE-2021-3111

Share this:

Similar

Recent Posts

Categories

Tags