Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-2ggc-552c-rmqr: Stored cross site scripting on tags

Concrete CMS (previously concrete5) before 9.2 is vulnerable to Stored XSS on Tags on uploaded files.

ghsa
#xss#git

Stored cross site scripting on tags

Moderate severity GitHub Reviewed Published Apr 28, 2023 to the GitHub Advisory Database • Updated May 5, 2023

ghsa: Latest News

GHSA-3x3q-ghcp-whf7: Template Secret leakage in logs in Scaffolder when using `fetch:template`