CVE-2021-22954
N/A
N/A
Summary
A cross-site request forgery vulnerability exists in Concrete CMS <v9 that could allow an attacker to make requests on behalf of other users.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | https://github.com/concrete5/concrete5 | fixed in Concrete CMS v 9.0 | affected |
Weaknesses
- CWE-352: Cross-Site Request Forgery (CSRF) (CWE-352)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.