CVE-2026-8414 | Concrete CMS up to 9.4.x duplicate cross-site request forgery

A vulnerability was found in Concrete CMS up to 9.4.x and classified as problematic. This issue affects some unknown processing of the file concrete/controllers/dialog/event/duplicate. Such manipulation leads to cross-site request forgery.

This vulnerability is listed as CVE-2026-8414. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More