3 matches found
Improper Authorization
tarteaucitron is vulnerable to Improper Authorization. The vulnerability is due to insufficient validation of HTML data attributes used for cookie deletion, which allows an attacker to craft malicious elements that trick users into unintentionally deleting cookies when clicked...
Backdrop CMS 跨站脚本漏洞
Backdrop CMS is a content management system CMS from Backdrop CMS open source. A cross-site scripting vulnerability exists in Backdrop CMS versions prior to 1.x-1.0.5, which stems from insufficient validation of data attributes and could lead to cross-site scripting attacks...
CVE-2025-27823
An issue was discovered in the Mail Disguise module before 1.x-1.0.5 for Backdrop CMS. It enables a website to obfuscate email addresses, and should prevent spambots from collecting them. The module doesn't sufficiently validate the data attribute value on links, potentially leading to a Cross Si...