Vulnerabilities > Concretecms > Concrete CMS > 8.5.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-24 | CVE-2022-30120 | Cross-site Scripting vulnerability in Concretecms Concrete CMS XSS in /dashboard/blocks/stacks/view_details/ - old browsers only. | 6.1 |
| 2022-02-09 | CVE-2021-22954 | Cross-Site Request Forgery (CSRF) vulnerability in Concretecms Concrete CMS A cross-site request forgery vulnerability exists in Concrete CMS <v9 that could allow an attacker to make requests on behalf of other users. | 8.8 |