CSRF Vulnerability in Concrete CMS 8.5.5 and Below Allows File Duplication and Disk Space Exhaustion

CSRF Vulnerability in Concrete CMS 8.5.5 and Below Allows File Duplication and Disk Space Exhaustion

CVE-2021-22949 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: "Solar Security CMS Research Team"

Learn more about our Cms Pen Testing.