Submit #522417: Concretecms 9.3.9 XSSinfo

Title	Concretecms 9.3.9 XSS
Description	ConcreteCMS v9.3.9 suffers from a Stored Cross-Site Scripting (XSS) vulnerability in the text field when adding a HTML block. This vulnerability allows attackers to cheat other users by injecting malicious scripts into web pages viewed by other users.
Source	⚠️ https://github.com/yaowenxiao721/Poc/blob/main/Concretecms/Concretecms-poc5.md
User	yaowenxiao (UID 82929)
Submission	03/18/2025 10:23 (1 Year ago)
Moderation	03/30/2025 09:16 (12 days later)
Status	Accepted
VulDB entry	302019 [ConcreteCMS up to 9.3.9 HTML Block save content HTML injection]
Points	16

Might our Artificial Intelligence support you?

Check our Alexa App!