Lucene search
Veracode Vulnerability DatabaseVERACODE:40490HistoryMay 12, 2023 - 10:05 a.m.
Stored Cross-Site Scripting (XSS)
2023-05-1210:05:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
backdrop
stored cross-site scripting
xss
remote admin
web scripts
html
text editors
formats
EPSS
0.001
Percentile
30.5%
backdrop/backdrop is vulnerable to Stored Cross-Site Scripting (XSS) attacks. A remote admin authenticated attacker is able to inject arbitrary web scripts or HTML through the name argument in Text Editors and Formats, modifying any sort of material, which allows the stored XSS payload to be executed when the malicious text formatting option is selected.
Related
osv
osv
Cross-site Scripting in Backdrop CMS
2023-04-24 09:30:19
vulnrichment
vulnrichment
CVE-2023-31045
2023-04-24 00:00:00
cve
cve
CVE-2023-31045
2023-04-24 08:15:07
nvd
nvd
CVE-2023-31045
2023-04-24 08:15:07
github
github
Cross-site Scripting in Backdrop CMS
2023-04-24 09:30:19
prion
prion
Cross site scripting
2023-04-24 08:15:00
cvelist
cvelist
CVE-2023-31045
2023-04-24 00:00:00