← Back to CVE List
CVE-2023-28820
Published:
2023-04-28T14:15Z
Last Modified:
2025-01-31T17:15Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
Concrete CMS (previously concrete5) before 9.1 is vulnerable to stored XSS in RSS Displayer via the href attribute because the link element input was not sanitized. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt