Описание
Backdrop CMS before 1.27.3 and 1.28.x before 1.28.2 does not sufficiently sanitize field labels before they are displayed in certain places. This vulnerability is mitigated by the fact that an attacker must have a role with the "administer fields" permission.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| backdrop | itp | package |
Связанные уязвимости
CVSS3: 4.8
nvd
больше 1 года назад
Backdrop CMS before 1.27.3 and 1.28.x before 1.28.2 does not sufficiently sanitize field labels before they are displayed in certain places. This vulnerability is mitigated by the fact that an attacker must have a role with the "administer fields" permission.
CVSS3: 4.8
github
больше 1 года назад
Backdrop CMS does not sufficiently sanitize field labels before they are displayed in certain places