CVE-2026-8421

NVD data not available for this CVE. It may be pending analysis or not yet published.

Related Intelligence (1)

HIGHVulnerability

NVD HIGH: CVE-2026-8421 — Concrete CMS 9.5.0 and below contains a CSRF vulnerability in the install_packag...

Concrete CMS 9.5.0 and below contains a CSRF vulnerability in the install_package() method of concrete/controllers/single_page/dashboard/extend/install.php.  An attacker who can cause an authenticated administrator to visit a crafted page,  and who has placed or caused a package to be present under DIR_PACKAGES/<handle>/, can force the installation of that package without any CSRF protection. Pack

CVE-2026-8421
NIST NVD