CVE-2023-44763 Information

Description

Concrete CMS v9.2.1 is affected by Arbitrary File Upload vulnerability via the Thumbnail\ file upload which allows Cross-Site Scripting (XSS).

Reference

https://github.com/sromanhu/ConcreteCMS-Arbitrary-file-upload-Thumbnail