CVE-2023-28821
5.3MEDIUMConcrete CMS (previously concrete5) before 9.1 did not have a rate limit for password resets.
Published: 4/28/2023Updated: 1/30/2025
Description
Concrete CMS (previously concrete5) before 9.1 did not have a rate limit for password resets.
AI AnalysisPowered by AI
Affected Products
concretecmsconcrete_cms
References
- https://github.com/concretecms/concretecms/releasesRelease Notes
- https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20Vendor Advisory
- https://github.com/concretecms/concretecms/releasesRelease Notes
- https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20Vendor Advisory