Backdrop CMS 路径遍历漏洞

Backdrop CMS is an open source content management system CMS. A security vulnerability exists in Backdrop CMS versions prior to 1.1.19, which stems from Borg theme not adequately cleaning up path parameters passed in via URL...

Cross-site Scripting (XSS)

backdrop/backdrop is vulnerable to Cross-Site Scripting XSS. The vulnerability exist due to the lack of validation in the html elements when adding a post which allows an admin authenticated attacker to inject and execute malicious JavaScript when a user views a post...

CVE-2012-10004

A vulnerability was found in backdrop-contrib Basic Cart on Drupal. It has been classified as problematic. Affected is the function basiccartcheckoutformsubmit of the file basiccart.cart.inc. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading t...

CVE-2012-10004

The CVE-2012-10004 entry describes a cross-site scripting vulnerability in the Drupal Backdrop-contrib Basic Cart component. Affected is the function basic_cart_checkout_form_submit in the file basic_cart.cart.inc, with remote exploit possible. Upgrading to version 1.x-1.1.1 addresses the issue; ...

backdrop-contrib Basic Cart 跨站脚本漏洞

backdrop-contrib Basic Cart is a cms site for individual developers. A cross-site scripting vulnerability exists in backdrop-contrib Basic Cart. An attacker can exploit this vulnerability to conduct cross-site scripting attacks...

Cross-site Scripting (XSS)

backdrop/backdrop is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in the Page content in the library, allowing an attacker to inject and execute malicious javascript...

Cross-site Scripting (XSS)

backdrop/backdrop is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in the Card content in the library, allowing an attacker to inject and execute malicious javascript...

Cross-site Scripting (XSS)

backdrop/backdrop is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in the comment section in the library, allowing an attacker to inject and execute malicious javascript...

Backdrop CMS Comment Cross-Site Scripting Vulnerability

Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS Comment version 1.23.0, which can be exploited by attackers to launch cross-site scripting XSS attacks due to a lack of effective filtering and escaping of user-supplied data...

Backdrop CMS Card Cross-Site Scripting Vulnerability

Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS Card version 1.23.0, which stems from the lack of effective filtering and escaping of user-supplied data, and can be exploited by attackers to inject cross-site code and launc...

GHSA-58RJ-W2QF-QJG7 Cross-site Scripting in Backdrop CMS

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the Page content...

Cross-site Scripting in Backdrop CMS

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the Page content...

CVE-2022-42095

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the Page content...

CVE-2022-42095

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the Page content...

Cross site scripting

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the Page content...

Backdrop CMS 跨站脚本漏洞

Backdrop CMS is an open source content management system CMS. A security vulnerability exists in Backdrop CMS version 1.23.0, which stems from the discovery of a stored cross-site scripting XSS vulnerability via Page content...

CVE-2022-42095

Backdrop CMS 1.23.0 contains a stored XSS vulnerability in Page content. The nuclei template identifies the vulnerable component as the Page content handling, with impact including injection of malicious scripts that could lead to data theft, session hijacking, or defacement. Root cause details i...

CVE-2022-42095

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the Page content...

CVE-2022-42095

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the Page content...

GHSA-VCVG-G8P2-3HQR Cross-site Scripting in Backdrop CMS

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the 'Card' content...