CVE-2019-14770

CVE-2019-14770

In Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3, some menu links within the administration bar may be crafted to execute JavaScript when the administrator is logged in and uses the search functionality. (This issue is mitigated by the attacker needing permissions to create administrative menu links, such as by creating a content type or layout. Such permissions are usually restricted to trusted or administrative users.)

Source: CVE-2019-14770

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다