A cross-site request forgery vulnerability exists in Concrete CMS <v9 that could allow an attacker to make requests on behalf of other users.
References
Link | Resource |
---|---|
https://documentation.concretecms.org/developers/introduction/version-history/90-release-notes | Release Notes Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2022-02-09T22:05:55
Updated: 2022-02-09T22:05:55
Reserved: 2021-01-06T00:00:00
Link: CVE-2021-22954
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-02-09T23:15:14.993
Modified: 2022-02-15T17:55:27.240
Link: CVE-2021-22954
JSON object: View
Redhat Information
No data.
CWE