Security
Headlines
HeadlinesLatestCVEs

Headline

Backdrop CMS 1.23.0 Cross Site Scripting

Backdrop CMS version 1.23.0 suffers from a persistent cross site scripting vulnerability.

Packet Storm
#xss#vulnerability#windows#auth

Change Mirror Download

# Exploit Title: Backdrop CMS 1.23.0 - Stored Cross-Site Scripting - Post Body Field# Date: 2023-08-21# Exploit Author: Sinem Şahin# Vendor Homepage: https://backdropcms.org/# Version: 1.23.0# Tested on: Windows & XAMPP==> Tutorial <==1- Go to the following url. => http://(HOST)/backdrop/node/add/post2- Write your xss payload in the body of the post. Formatting options should be RAW HTML to choose from.3- Press "Save" button.XSS Payload ==> "<script>alert("post_body")</script>

Packet Storm: Latest News

Ubuntu Security Notice USN-7121-3