Alfin Joseph

#20792 of 53,633
Total CVSS: 12.1
Vulnerabilities: 2 (Medium: 1, High: 1)

PT-2026-42543 · CVSS 7.3 · 2026-05-21 · Unknown · Concrete Cms · CVE-2026-8203

**Name of the Vulnerable Software and Affected Versions**
Concrete CMS versions 9.5.0 and earlier

**Description**
A stored cross-site scripting (XSS) issue exists because the controller fails to validate or sanitize the `height` parameter. This allows users with editor privileges to inject malicious JavaScript that executes in the browser of any visitor, which could lead to credential theft or session hijacking.

**Recommendations**
Update to a version later than 9.5.0. As a temporary workaround, restrict editor privileges to trusted users to minimize the risk of malicious script injection via the `height` parameter.

PT-2025-10634 · CVSS 4.8 · 2025-03-10 · Unknown · Concrete Cms · CVE-2025-0660

**Name of the Vulnerable Software and Affected Versions**
Concrete CMS versions 9.0.0 through 9.3.9

**Description**
The issue concerns a stored XSS in the Folder Function of Concrete CMS. Specifically, the "Add Folder" functionality lacks input sanitization, allowing a rogue admin to inject XSS payloads as folder names.

**Recommendations**
For Concrete CMS versions 9.0.0 through 9.3.9, update to a version that includes the fix for the stored XSS vulnerability in the Folder Function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.