CVE-2025-25063 | Backdrop CMS up to 1.28.4/1.29.2 SVG Image cross site scripting (core-2025-002)

Inserito da Angelo Barbosa | Feb 3, 2025 | CVE

A vulnerability, which was classified as problematic, was found in Backdrop CMS up to 1.28.4/1.29.2. Affected is an unknown function of the component SVG Image Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-25063. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-25063 | Backdrop CMS up to 1.28.4/1.29.2 SVG Image cross site scripting (core-2025-002)

Post correlati

CVE-2024-6572 | Checkmk up to 2.0.0p39/2.1.0p47/2.2.0p32/2.3.0p14 Check SFTP Service key exchange without entity authentication

CVE-2024-24320 | MGT-COMMERCE CloudPanel up to 2.4.0 load-logfiles service path traversal

CVE-2024-38764 | i-transform Plugin up to 3.0.9 on WordPress cross-site request forgery

CVE-2024-22396 | SonicWall SonicOS IPsec buffer overflow (SNWLID-2024-0004)