CVE-2021-3111
The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboard/express/entries/view/ URI.
Cross-site Scripting
Vendor | Product | Version |
---|---|---|
concretecms | concrete_cms | 𝑥 < 8.5.5 |
Common Weakness Enumeration