Concrete CMS up to 8.5.5 Conversation cross site scripting

A vulnerability classified as problematic has been found in Concrete CMS up to 8.5.5 (Content Management System). Affected is an unknown function of the component Conversation Handler. Upgrading to version 8.5.6 eliminates this vulnerability. The upgrade is hosted for download at documentation.concretecms.org.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-21513 : LANGCHAIN-EXPERIMENTAL UP TO 0.0.20 DATABASE EVAL CODE INJECTION

CVE-2024-21513 : LANGCHAIN-EXPERIMENTAL UP TO 0.0.20 DATABASE EVAL CODE INJECTION

Description Versions of the package langchain-experimental from 0.0.15 and before 0.0.21 are vulnerable to Arbitrary Code Execution when retrieving values

CVE-2024-6737 : 2100 TECHNOLOGY ELECTRONIC OFFICIAL DOCUMENT MANAGEMENT SYSTEM UP TO 5.0.76 SETTING ACCESS CONTROL

CVE-2024-6737 : 2100 TECHNOLOGY ELECTRONIC OFFICIAL DOCUMENT MANAGEMENT SYSTEM UP TO 5.0.76 SETTING ACCESS CONTROL

Description The access control in the Electronic Official Document Management System from 2100 TECHNOLOGY is not properly implemented, allowing remote

CVE-2024-6345 : PYPA SETUPTOOLS UP TO 69.1.1 PACKAGE_INDEX CODE INJECTION

CVE-2024-6345 : PYPA SETUPTOOLS UP TO 69.1.1 PACKAGE_INDEX CODE INJECTION

Description A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its