Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 does not have Secure and HTTP only attributes set for ccmPoll cookies.
References
Configurations
History
06 Dec 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 does not have Secure and HTTP only attributes set for ccmPoll cookies. |
Information
Published : 2023-04-28 14:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-28472
Mitre link : CVE-2023-28472
CVE.ORG link : CVE-2023-28472
JSON object : View
Products Affected
concretecms
- concrete_cms
CWE