Unrated severityNVD Advisory· Published Nov 30, 2021· Updated Aug 4, 2024
CVE-2021-40101
CVE-2021-40101
Description
An issue was discovered in Concrete CMS before 8.5.7. The Dashboard allows a user's password to be changed without a prompt for the current password.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Concrete CMS/Concrete CMSdescription
Patches
Vulnerability mechanics
References
2- documentation.concretecms.org/developers/introduction/version-history/857-release-notesmitrex_refsource_CONFIRM
- hackerone.com/reports/1065577mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.