CVE-2026-8413 | Concrete CMS up to 9.4.x design cross-site request forgery

A vulnerability has been found in Concrete CMS CMS up to 9.4.x and classified as problematic. This vulnerability affects unknown code of the file concrete/controllers/dialog/page/bulk/design. This manipulation causes cross-site request forgery.

This vulnerability is tracked as CVE-2026-8413. The attack is possible to be carried out remotely. No exploit exists.

The affected component should be upgraded.VulDB Recent EntriesRead More