Lucene search
Veracode Vulnerability DatabaseVERACODE:38284HistoryNov 29, 2022 - 3:14 a.m.
Cross-site Scripting (XSS)
2022-11-2903:14:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
cross-site scripting
backdrop
vulnerability
sanitization
javascript
attack
0.007 Low
EPSS
Percentile
80.7%
backdrop/backdrop is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in the Card content in the library, allowing an attacker to inject and execute malicious javascript.
| CPE | Name | Operator | Version |
|---|---|---|---|
| backdrop/backdrop | le | 1.22.2 | |
| backdrop/backdrop | le | 1.22.2 |
Related
nvd
nvd
CVE-2022-42094
2022-11-22 13:15:14
osv
osv
CVE-2022-42094
2022-11-22 13:15:14
Cross-site Scripting in Backdrop CMS
2022-11-22 15:30:26
cnvd
cnvd
Backdrop CMS Card Cross-Site Scripting Vulnerability
2022-11-24 00:00:00
cve
cve
CVE-2022-42094
2022-11-22 13:15:14
prion
prion
Cross site scripting
2022-11-22 13:15:00
nuclei
nuclei
Backdrop CMS version 1.23.0 - Stored Cross Site Scripting
2023-04-21 08:56:01
github
github
Cross-site Scripting in Backdrop CMS
2022-11-22 15:30:26
cvelist
cvelist
CVE-2022-42094
2022-11-22 00:00:00