concrete5/core Security Advisories for 9.0.0RC4 (3)
-
[CRITICAL] Path traversal in Concrete CMS
PKSA-w385-k342-cg37 CVE-2022-30117 GHSA-3jxh-6635-6jwp
Affected version: <8.5.8|>=9.0.0,<9.1.0
Reported by:
GitHub -
[LOW] Cross site scripting in Concrete CMS
PKSA-2xjy-vwtz-v6rx CVE-2022-30120 GHSA-m2ww-6wv6-vw3c
Affected version: <8.5.8|>=9.0.0,<9.1.0
Reported by:
GitHub -
[HIGH] Code injection in concrete CMS
PKSA-vq6h-116w-22d2 CVE-2022-21829 GHSA-6xc4-7fmm-65q2
Affected version: <8.5.8|>=9.0.0,<9.1.0
Reported by:
GitHub