LOW
GHSA-6fxm-r8p3-mx5c
Concrete CMS is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescan()
Details
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescan().
Are you affected?
Enter the version of the package you're using.
Affected packages
Packagist / concrete5/concrete5
Introduced in:
9.0.0RC1 Fixed in: 9.5.1 Fix
composer require concrete5/concrete5:^9.5.1