A vulnerability, which was classified as problematic , has been found in Concrete CMS up to 9.5.0 . Impacted is the function edit_file_contents . Performing a manipulation results in cross-site request forgery. This vulnerability is known as CVE-2026-8340 . Remote exploitation of the attack is possible. No exploit is available.