CVE-2024-54123 | Backdrop CMS up to 1.28.3/1.29.1 SVG Document cross site scripting (core-2024-002)

Posted by Angelo Barbosa | Nov 29, 2024 | CVE

A vulnerability was found in Backdrop CMS up to 1.28.3/1.29.1. It has been classified as problematic. This affects an unknown part of the component SVG Document Handler. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-54123. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-54123 | Backdrop CMS up to 1.28.3/1.29.1 SVG Document cross site scripting (core-2024-002)

Related Posts

CVE-2024-29507 | Artifex Ghostscript up to 10.02.x CIDFSubstPath/CIDFSubstFont stack-based overflow

CVE-2024-4228 | Magarsus Consultancy SSO 1.0 sql injection

CVE-2024-51989 | pglombardo PasswordPusher up to 1.48.0 cross site scripting

CVE-2024-4632 | CartFlows WooCommerce Checkout & Funnel Builder Plugin up to 2.0.7 on WordPress cross site scripting