2 results (0.003 seconds)

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1

A stored Cross-site scripting (XSS) issue in Text Editors and Formats in Backdrop CMS before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via the name parameter. When a user is editing any content type (e.g., page, post, or card) as an admin, the stored XSS payload is executed upon selecting a malicious text formatting option. NOTE: the vendor disputes the security relevance of this finding because "any administrator that can configure a text format could easily allow Full HTML anywhere." • https://github.com/backdrop/backdrop-issues/issues/6065 https://github.com/backdrop/backdrop/releases/tag/1.24.2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

A Cross Site Request Forgery (CSRF) vulnerability exists in Backdrop CMS 1.20, which allows Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading a maliciously add-on with crafted PHP file. NOTE: the vendor disputes this because the attack requires a session cookie of a high-privileged authenticated user who is entitled to install arbitrary add-ons ** EN DISPUTA ** Se presenta una vulnerabilidad de tipo Cross Site Request Forgery (CSRF) en Backdrop CMS versión 1.20, que permite a atacantes remotos conseguir una ejecución de código remota (RCE) en el servidor web de alojamiento por medio de la carga de un complemento malicioso con un archivo PHP diseñado. NOTA: el proveedor disputa esto porque el ataque requiere una cookie de sesión de un usuario autenticado con alto privilegio que tiene derecho a instalar complementos arbitrarios • https://github.com/V1n1v131r4/CSRF-to-RCE-on-Backdrop-CMS https://www.exploit-db.com/exploits/50323 • CWE-352: Cross-Site Request Forgery (CSRF) •