CVE-2021-40099
7.2 HIGHAn issue was discovered in Concrete CMS through 8.5.5
Published: 2021-09-24 · Last updated: 2026-06-17
Severity and scoring
- CVSS
- 7.2 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected products
| Vendor | Product |
|---|---|
| concretecms | concrete_cms |
Description
An issue was discovered in Concrete CMS through 8.5.5. Fetching the update json scheme over HTTP leads to remote code execution.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2021-40099
- [Vendor advisory]https://documentation.concretecms.org/developers/introduction/version-history/856-release-notes
- [Other]https://hackerone.com/reports/982130
- [Vendor advisory]https://documentation.concretecms.org/developers/introduction/version-history/856-release-notes
- [Other]https://hackerone.com/reports/982130
Related CVEs
Same vendor
- CVE-2026-8340 — Concrete CMS 9.5.0 and below is vulnerable to CSRF via Backend\File::approveVersion (4.3 MEDIUM)
- CVE-2026-8434 — Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescanMultiple() (8.8 HIGH)
- CVE-2026-8433 — Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescan() (8.8 HIGH)
- CVE-2026-8432 — Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file star() (8.8 HIGH)
- CVE-2026-8427 — Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file removeFavoriteFolder(... (8.8 HIGH)