CVE-2022-43691

Published: 2022-11-14T23:15Z

Last Modified: 2024-11-21T07:27Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 inadvertently disclose server-side sensitive information (secrets in environment variables and server information) when Debug Mode is left on in production. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt