Description
Multiple cross-site scripting (XSS) vulnerabilities in concrete5 before 5.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to private messages or other unspecified vectors.
Remediation
References
Related Vulnerabilities
Python Uncontrolled Resource Consumption Vulnerability (CVE-2022-45061)
Liferay Portal CVE-2024-25148 Vulnerability (CVE-2024-25148)
MySQL CVE-2021-2020 Vulnerability (CVE-2021-2020)
Drupal Improper Access Control Vulnerability (CVE-2020-13677)
PrestaShop Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4545)