CVE-2022-42097
Backdrop CMS 1.23.0 contains a stored cross-site scripting (XSS) vulnerability in the Comment feature. The root cause is lack of proper filtering/escaping of user-supplied data. The CVSS metrics indicate a Medium severity (4.8) with network attack vector, high privileges required, and user intera...