backdrop is vulnerable to unrestricted file upload. The vulnerability exists in the themes
module which allows an attacker to upload a malicious file as a theme for the theme installer, which can execute arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
backdrop/backdrop | le | 1.22.2 | |
backdrop/backdrop | le | 1.22.2 |