Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

concrete5 CVE-2020-14961 Vulnerability (CVE-2020-14961)

Description

Concrete5 before 8.5.3 does not constrain the sort direction to a valid asc or desc value.

Remediation

References

Related Vulnerabilities

XWikiplatform Missing Authorization Vulnerability (CVE-2024-31983)

phpMyAdmin Other Vulnerability (CVE-2005-3621)

WordPress Plugin Frontend File Manager Multiple Vulnerabilities (18.2)

WordPress Plugin Ready! Ecommerce Shopping Cart Multiple Cross-Site Request Forgery Vulnerabilities (0.5.0)

WordPress Plugin Featured Comments Cross-Site Request Forgery (1.2.4)

Severity

Medium

Classification

CVE-2020-14961 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities