CNNVD-202508-399 Information
CNNVD ID
CNNVD-202508-399
Related CVE
- CNNVD Published: 2025-08-05
Description (Chinese)
Concrete CMS是Concrete CMS开源的一个面向团队的开源内容管理系统。 Concrete CMS 9至9.4.2版本和8.5.21之前版本存在安全漏洞,该漏洞源于会话消息仪表板页面存在反射型跨站脚本漏洞。
Description (English)
Concrete CMS is a team-oriented, open-source content management system for Concrete CMS. There is a security loophole in the Concrete CMS versions 9 to 9.4.2 and previous versions of 8.5.21, which stems from the reflection-type cross-site script gap on the session message dashboard page.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Concrete CMS
Published
2025-08-05
Last Modified
2026-02-24
References
https://documentation.concretecms.org/9-x/developers/introduction/version-history/943-release-notes https://www.concretecms.org/download https://documentation.concretecms.org/developers/introduction/version-history/8521-release-notes https://access.redhat.com/security/cve/cve-2025-8571
Patch
https://www.concretecms.org/download
Share on: