Concrete CMS before 9.2.3 allows Stored XSS on the Admin Dashboard via /dashboard/system/basics/name. (8.5 and earlier are unaffected.)
{ "nvd_published_at": "2024-02-29T01:41:37Z", "cwe_ids": [ "CWE-79" ], "severity": "LOW", "github_reviewed": true, "github_reviewed_at": "2024-02-29T20:10:31Z" }