Skip to main content
Loading…
    CVE-2025-0660 — Concrete CMS versions 9.0.0 through 9.3.9 are affected by a stored XSS in Folder Function.The "Add Folder" functionality lacks input sanitization, allowing a rogue admin to inject XSS payloads — CVE Database · The Intelligence Room