CVE-2023-26265

CVSS 5.3 MEDIUMEPSS 0.6%CWE-22

The Borg theme before 1.1.19 for Backdrop CMS does not sufficiently sanitize path arguments that are passed in via a URL. The function borg_preprocess_page in the file template.php does not properly sanitize incoming path arguments before using them.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://backdropcms.org/project/borg https://github.com/backdrop-contrib/borg/compare/1.x-1.1.18...1.x-1.1.19