Project News
Jul 2, 2025, 2:00 PM
Date and Time: July 15, 2025, at 9:30 a.m. PDT (find your local time here)
Location: Live on YouTube
Security News
Apr 4, 2025, 1:18 PM
Concrete CMS 9.4.0 Release Candidate 1 (RC1) which was released in March 2025 fixed Stored Cross-Site Scripting (XSS)
Jan 21, 2025, 8:55 PM
You might notice that a number of Concrete CMS CVEs have higher CVSS 4.0 risk rankings assigned by the CNA (that’s us!) than the last time you looked at them.
Sep 13, 2024, 1:10 PM
The following CVEs affecting both version 9 below 9.3.4 and all other concrete versions below 8.5.19 have been sent to MITRE to publish