CNNVD-202508-398 Information
Aug 05, 2025
cve
CNNVD ID
CNNVD-202508-398
Related CVE
- CNNVD Published: 2025-08-05
Description (Chinese)
Concrete CMS是Concrete CMS开源的一个面向团队的开源内容管理系统。 Concrete CMS 9至9.4.2版本存在安全漏洞,该漏洞源于成员仪表板页面存在存储型跨站脚本漏洞。
Description (English)
Concrete CMS is a team-oriented, open-source content management system for Concrete CMS. There is a security loophole in versions 9 to 9.4.2 of Concrete CMS, which stems from the storage of a cross-site script gap on the member dashboard page.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Concrete CMS
Published
2025-08-05
Last Modified
2026-02-24
References
https://documentation.concretecms.org/9-x/developers/introduction/version-history/943-release-notes https://www.concretecms.org/download https://www.exploit-db.com/exploits/52428 https://access.redhat.com/security/cve/cve-2025-8573
Patch
https://www.concretecms.org/download
Share on: