concretecms/concrete5-legacy

concretecms/concrete5-legacy

www.concrete5.org

Releases22

Frequency4 months 1 week

Last Release over 7 years ago

Stars557

Legacy repository for concrete5

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-41463 ↗	Oct 1, 2021Friday, 1 October 2021, 16:15	6.1 MEDIUM	4.3 MEDIUM
Cross-site scripting (XSS) vulnerability in toos/permissions/dialogs/access/entity/types/group_combination.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the cID parameter.
CVE-2021-41464 ↗	Oct 1, 2021Friday, 1 October 2021, 16:15	6.1 MEDIUM	4.3 MEDIUM
Cross-site scripting (XSS) vulnerability in concrete/elements/collection_add.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter.
CVE-2021-41465 ↗	Oct 1, 2021Friday, 1 October 2021, 16:15	6.1 MEDIUM	4.3 MEDIUM
Cross-site scripting (XSS) vulnerability in concrete/elements/collection_theme.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter.
CVE-2021-41461 ↗	Oct 1, 2021Friday, 1 October 2021, 16:15	6.1 MEDIUM	4.3 MEDIUM
Cross-site scripting (XSS) vulnerability in concrete/elements/collection_add.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the mode parameter.
CVE-2021-41462 ↗	Oct 1, 2021Friday, 1 October 2021, 16:15	6.1 MEDIUM	4.3 MEDIUM
Cross-site scripting (XSS) vulnerability in concrete/elements/collection_add.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the ctID parameter.