Stored XSS Vulnerability in Concrete CMS Conversations with Rich Text Editor
CVE-2021-40100 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
An issue was discovered in Concrete CMS through 8.5.5. Stored XSS can occur in Conversations when the Active Conversation Editor is set to Rich Text.
Learn more about our Cms Pen Testing.