2 matches found
GHSA-J274-39QW-32C9 Grav: Twig sandbox allows editor-role users to exfiltrate all plugin secrets via Config::toArray()
Summary The Twig sandbox allow-list permits any user with the admin.pages role to call config.toArray from within a page body, dumping the entire merged site configuration — including all plugin secrets SMTP passwords, AWS keys, OAuth client secrets, API tokens — into the rendered HTML. No...
PT-2019-13823 · Backdrop · Backdrop Cms
Name of the Vulnerable Software and Affected Versions: Backdrop CMS versions 1.12.x through 1.12.7 Backdrop CMS versions 1.13.x through 1.13.2 Description: The issue allows the upload of entire-site configuration archives through the user interface or command line, without sufficiently checking...