Backdrop Cms Security Vulnerabilities and Issues — Backdrop Cms CVE List

Lucene search

BackdropcmsBackdrop Cms

4 matches found

CVE•added 2022/10/07 6:15 p.m.•83 views

CVE-2022-42092

Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution. Note: Third parties dispute this and argue that advanced permissions are required.

7.2CVSS7.1AI score0.00794EPSS

CVE•added 2022/11/21 9:15 p.m.•77 views

CVE-2022-42096

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via Post content.

4.8CVSS4.8AI score0.06651EPSS

CVE•added 2022/11/23 2:15 a.m.•63 views

CVE-2022-42095

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Page content.

4.8CVSS4.8AI score0.43364EPSS

CVE•added 2022/08/01 8:15 p.m.•51 views

CVE-2022-34530

An issue in the login and reset password functionality of Backdrop CMS v1.22.0 allows attackers to enumerate usernames via password reset requests and distinct responses returned based on usernames.

5.3CVSS5.4AI score0.00084EPSS