Project News

Announcing Concrete CMS 9.5.0RC2

Mar 4, 2026, 5:49 PM

March Town Hall 2026

Date and Time: March 10, 2026, at 9:30 a.m. PDT Location: Live on YouTube

Security News

Security Update: Fixes for Concrete CMS v9

Mar 4, 2026, 5:20 PM

Concrete CMS 9.4.8 includes security updates addressing vulnerabilities including Remote Code Execution (RCE), Cross-Site Scripting (XSS), and CSRF. Users on version 8 are encouraged to plan migration to version 9.

Security Fixes in Concrete 8.5.21 and CMS 9.4.3

Aug 6, 2025, 6:55 PM

Security Fixes Included in Concrete 8.5.21 and/or CMS 9.4.3

2025-04-03 Concrete CMS Security Advisory - Security fixes in 9.4.0 Release Candidates

Apr 4, 2025, 1:18 PM

Concrete CMS 9.4.0 Release Candidate 1 (RC1) which was released in March 2025 fixed Stored Cross-Site Scripting (XSS)