GHSA-G9CP-9FW3-56CF Cross-site Scripting in Backdrop CMS

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via 'Comment.'s...

Cross-site Scripting in Backdrop CMS

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via 'Comment.'s...

Cross-site Scripting in Backdrop CMS

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the 'Card' content...

CVE-2022-42094

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the 'Card' content...

CVE-2022-42097

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via 'Comment.'...

CVE-2022-42094

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the 'Card' content...

CVE-2022-42097

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via 'Comment.'...

Cross site scripting

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the 'Card' content...

Cross site scripting

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via 'Comment.'...

CVE-2022-42097

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via 'Comment.'...

PT-2022-26248 · Unknown · Backdrop Cms

Name of the Vulnerable Software and Affected Versions: Backdrop CMS version 1.23.0 Description: A stored cross-site scripting XSS issue was found in Backdrop CMS. The issue is related to the 'Comment' feature, allowing for potential XSS attacks. Recommendations: For Backdrop CMS version 1.23.0,...

CVE-2022-42094

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the 'Card' content...

PT-2022-7178 · Unknown · Backdrop Cms

Name of the Vulnerable Software and Affected Versions: Backdrop CMS version 1.23.0 Description: The issue is related to the lack of protection for the web page structure in Backdrop CMS, which can be exploited by a remote attacker to conduct cross-site scripting XSS attacks. Specifically, it is a...

CVE-2022-42094

CVE-2022-42094 concerns Backdrop CMS, version 1.23.0, with a stored XSS bug in the Card content. The NVD/Nucli-templates describe a stored XSS that could allow an attacker to run arbitrary JavaScript in a victim’s browser, potentially enabling session hijacking, defacement, or theft of informatio...

CVE-2022-42097

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via 'Comment.'...

Backdrop CMS 跨站脚本漏洞

Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS Comment version 1.23.0, which can be exploited by attackers to launch cross-site scripting XSS attacks due to a lack of effective filtering and escaping of user-supplied data...

PT-2022-7183 · Unknown · Backdrop Cms

Name of the Vulnerable Software and Affected Versions: Backdrop CMS version 1.23.0 Description: The issue is related to the lack of protection for the web page structure in Backdrop CMS, which can be exploited by a remote attacker to conduct cross-site scripting XSS attacks. Specifically, the...

Backdrop CMS 跨站脚本漏洞

Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS Card version 1.23.0, which stems from the lack of effective filtering and escaping of user-supplied data, and can be exploited by attackers to inject cross-site code and launc...

CVE-2022-42094

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the 'Card' content...

CVE-2022-42097

Backdrop CMS 1.23.0 contains a stored cross-site scripting (XSS) vulnerability in the Comment feature. The root cause is lack of proper filtering/escaping of user-supplied data. The CVSS metrics indicate a Medium severity (4.8) with network attack vector, high privileges required, and user intera...