Portlandlabs Concrete5 is an open source content management system (CMS) from PortlandLabs, Inc. A cross-site scripting vulnerability exists in Portlandlabs Concrete5 crete5-legacy 5.6.4.0 and prior versions, which can be exploited by remote attackers to “cID” parameter to inject arbitrary web script or HTML.
CPE | Name | Operator | Version |
---|---|---|---|
PortlandLabs Concrete5 crete5-legacy <= 5. | eq | 6.4.0 |