Vulnerabilities > Backdropcms > Backdrop > 1.13.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-24 | CVE-2023-31045 | Cross-site Scripting vulnerability in Backdropcms Backdrop A stored Cross-site scripting (XSS) issue in Text Editors and Formats in Backdrop CMS before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via the name parameter. | 4.8 |
| 2019-08-08 | CVE-2019-14769 | Cross-site Scripting vulnerability in Backdropcms Backdrop Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 doesn't sufficiently filter output when displaying certain block labels created by administrators. | 4.3 |