Multiple Reflected Cross Site Scripting Vulnerabilities in Concrete5 version 5.7.3.1

Disclosed: 2015-06-06 09:31:04 By egix To concretecms

Unknown

Vulnerability Details

Concrete5 is vulnerable to some reflected Cross Site Scripting (XSS) attacks because certain user input is being used within the output it generates without validating or encoding it.

Actions

View on HackerOne

Report Stats

Report ID: 59661
State: Closed
Substate: resolved
Upvotes: 1

Multiple Reflected Cross Site Scripting Vulnerabilities in Concrete5 version 5.7.3.1

Vulnerability Details

Actions

Report Stats

Share this report