CVE

CVE-2023-28472

CVE-2023-28472

Concrete CMS (previously concrete5) before 9.2 does not have Secure and HTTP only attributes set for ccmPoll cookies.

Source: CVE-2023-28472

Exit mobile version