Find real vulnerabilities before they ship
Vulnerability Database › packagist › CVE-2023-48650
Concrete CMS before 8.5.14 and 9 before 9.2.3 is vulnerable to an admin adding a stored XSS payload via the Layout Preset name.
Base Score