![](/application/files/5716/2398/4355/Concrete5_Illustration_11.2.png)
Project News
May 29, 2024, 1:59 PM
![#](/application/files/2417/0293/1931/July.jpg)
Date and Time: July 9, 2024, at 9:30 a.m. PDT
Location: Live on YouTube
Join the July Town Hall, streaming live.
Security News
![#](/application/files/1416/5350/7967/Security_Announcement.png)
Apr 3, 2024, 7:20 PM
We will be publishing a number of CVEs today which were remediated with Concrete CMS versions 8.5.16 and 9.2.8.
![#](/application/files/1416/5350/7967/Security_Announcement.png)
Mar 6, 2024, 2:04 PM
The Concrete CMS Team is publishing CVE-2024-2179 with the release of 9.2.7; Concrete CMS version 9 before 9.2.7 is vulnerable to Stored XSS via the Name field of a Group type since there is insufficient validation of administrator provided data for that field.
![#](/application/files/1416/5350/7967/Security_Announcement.png)
Feb 12, 2024, 2:26 PM
On February 7th, 2024, we received a bug report that the rich text editor in Concrete CMS 8 and 9 was displaying a strange and alarming warning. Learn more about this warning, what it's regarding, how to suppress it and what we're doing about it going forward.