GHSA-4g7q-44qp-cc5cMedium
Concrete CMS is vulnerable to unauthenticated file usage disclosure
🔗 CVE IDs covered (1)
📋 Description
Concrete CMS 9.5.0 and below is vulnerable to unauthenticated file usage disclosure via missing permission check in the usage controller. Any unauthenticated visitor can request /ccm/system/dialogs/file/usage/{fID} with any file ID and receive a list of every page that references that file, including page IDs, handles, and full URLs. This includes pages that are otherwise restricted by permissions. Concrete CMS thanks Eldudareeno for reporting this issue.
🎯 Affected products1
- composer/concrete5/concrete5:< 9.5.1