CVE-2023-48649

Published: Nov 17, 2023
Updated: May 10, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-48649" target="_blank" rel="noopener"> CVE-2023-48649
GHSA: <a href="https://github.com/advisories/GHSA-36fr-3wg8-q5v8" target="_blank" rel="noopener"> GHSA-36fr-3wg8-q5v8
Severity: Medium
Exploit:

Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows stored XSS on the Admin page via an uploaded file name.

CVSS v3:

CWEs:

OWASP TOP 10:

Vulnerability Database