Grav CMS 1.7.44 Server-Side Template Injection

Ruby-SAML / GitLab Authentication Bypass

iTunes For Windows 12.13.2.3 Local Privilege Escalation

ABB Cylon Aspect 3.08.00 syslogSwitch.php Remote Code Execution

ABB Cylon Aspect 3.08.01 caldavUtil.php Remote Code Execution

Backdrop CMS version 1.23.0 suffers from a persistent cross site scripting vulnerability.

Change Mirror Download

    # Exploit Title: Backdrop CMS 1.23.0 - Stored Cross-Site Scripting - Post Body Field# Date: 2023-08-21# Exploit Author: Sinem Şahin# Vendor Homepage: https://backdropcms.org/# Version: 1.23.0# Tested on: Windows & XAMPP==> Tutorial <==1- Go to the following url. => http://(HOST)/backdrop/node/add/post2- Write your xss payload in the body of the post. Formatting options should be RAW HTML to choose from.3- Press "Save" button.XSS Payload ==> "<script>alert("post_body")</script>

Headline

Backdrop CMS 1.23.0 Cross Site Scripting

Packet Storm: Latest News