CVE-2022-43694

Published: Nov 14, 2022
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-43694" target="_blank" rel="noopener"> CVE-2022-43694
GHSA: <a href="https://github.com/advisories/GHSA-jfmc-3975-fv5f" target="_blank" rel="noopener"> GHSA-jfmc-3975-fv5f
Severity: Medium
Exploit:

Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the image manipulation library due to un-sanitized output.

CVSS v3:

CWEs:

OWASP TOP 10:

Vulnerability Database