CVE-2026-8139 | Concrete CMS up to 9.5.0 cross site scripting
A vulnerability was found in Concrete CMS up to 9.5.0. It has been rated as problematic. This impacts an unknown function. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2026-8139. It is possible to initiate the attack remotely. There is no exploit available.