Back to search
CVE-2018-1000813
Published: Dec 20, 2018
Modified: Sep 17, 2024
PUBLISHED
Description
Backdrop CMS version 1.11.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in Sanitization of custom class names used on blocks and layouts. that can result in Execution of JavaScript from an unexpected source.. This attack appear to be exploitable via A user must be directed to an affected page while logged in.. This vulnerability appears to have been fixed in 1.11.1 and later.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://backdropcms.org/security/backdrop-sa-core-2018-005
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now