Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-04-13	CVE-2017-7725	Cross-site Scripting vulnerability in Concretecms Concrete CMS 8.1.0 concrete5 8.1.0 places incorrect trust in the HTTP Host header during caching, if the administrator did not define a "canonical" URL on installation of concrete5 using the "Advanced Options" settings. network low complexity concretecms CWE-79	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.