2 matches found
CVE-2019-14771
Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 allows the upload of entire-site configuration archives through the user interface or command line. It does not sufficiently check uploaded archives for invalid data, potentially allowing non-configuration scripts to be uploaded to the...
CVE-2019-14771
CVE-2019-14771 affects Backdrop CMS: versions 1.12.x prior to 1.12.8 and 1.13.x prior to 1.13.3. The flaw lets an attacker upload entire-site configuration archives via the UI or CLI without validating archive contents, potentially permitting non-configuration scripts to be stored on the server. ...