Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Concrete CMS 9 before 9.2.3 is vulnerable to Cross Site Request Forgery (CSRF) via /ccm/system/dialogs/logs/delete_all/submit. An attacker can force an admin user to delete server report logs on a web application to which they are currently authenticated.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PortlandLabs Concrete CMS 安全漏洞
Vulnerability Description
PortlandLabs Concrete CMS是美国PortlandLabs公司的一个面向团队的开源内容管理系统。Digital Bazaar Forge是美国Digital Bazaar公司的一个 Tls 在 Javascript 中的本机实现以及用于编写基于加密和网络密集型 Web 应用程序的开源工具。 PortlandLabs Concrete CMS 9.x版本至9.2.3之前版本存在安全漏洞。攻击者利用该漏洞可以强制管理员用户删除他们当前经过身份验证的 Web 应用程序上的服务器报告日志。
CVSS Information
N/A
Vulnerability Type
N/A