Multiple issues were discovered in Backdrop CMS

Overview :
Multiple issues were discovered in Backdrop CMS
Affected Product(s) :
  • Backdrop Core 1.14.x versions prior to 1.14.2
  • Backdrop Core 1.13.x versions prior to 1.13.5
Vulnerability Details :
CVE ID : CVE-2019-19900

Backdrop CMS doesn’t sufficiently filter output when displaying content type names in the content creation interface. An attacker could potentially craft a specialized content type name, then have an editor execute scripting when creating content.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission “Administer content types”.

CVE ID : CVE-2019-19901

Backdrop CMS doesn’t sufficiently filter output when displaying certain block descriptions created by administrators. An attacker could potentially craft a specialized description, then have an administrator execute scripting when configuring a layout.

This issue is mitigated by the fact that the attacker would be required to have the permission to create custom blocks, which is typically an administrative task.

CVE ID : CVE-2019-19902

Backdrop CMS allows the upload of entire-site configuration archives through the user interface or command-line. Backdrop CMS does not sufficiently check uploaded archives for invalid data, allowing non-configuration scripts to potentially be uploaded to the server.

This issue is mitigated by the fact that the attacker would be required to have the “Synchronize, import, and export configuration” permission, a permission that only trusted administrators should be given. Other measures in Backdrop CMS prevent the execution of PHP scripts, so another server-side scripting language must be accessible on the server to execute code.
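The archive check that CVE-2019-19902 calls for, as an added example that is not Backdrop's own code: a Python validator that inspects every member of an uploaded configuration archive before anything is written to disk, and accepts only regular files at the archive root that carry a `.json` suffix and parse to a JSON object. It assumes configuration is exchanged as a gzip-compressed tar of JSON files; the member names and contents (including the script and the traversal entry) are constructed for this example.

```python
import io
import json
import posixpath
import tarfile

# Constructed sample members for an in-memory config archive. The file names
# and contents are made up for this example and are not real Backdrop config.
SAMPLE_ENTRIES = {
    'system.core.json': json.dumps({'site_name': 'Example'}).encode(),
    'views.view.frontpage.json': json.dumps({'name': 'frontpage'}).encode(),
    'helper.py': b'print("not configuration")\n',   # a script, not configuration
    '../escape.json': b'{}',                         # directory traversal in the name
    'broken.json': b'this is not json',              # right suffix, wrong content
}

# Upper bound on a single member so a crafted archive cannot exhaust memory.
MAX_MEMBER_BYTES = 1_000_000


def build_archive(entries: dict) -> bytes:
    """Packs name -> bytes into a gzip-compressed tar held entirely in memory."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode='w:gz') as tar:
        for name, data in entries.items():
            info = tarfile.TarInfo(name=name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def validate_config_archive(blob: bytes) -> tuple:
    """Checks every archive member before any of it is extracted.

    A member is accepted only if it is a regular file (no symlinks, devices or
    directories), has no directory component or traversal in its name, ends in
    .json, stays within the size budget, and parses as a JSON object.
    Returns (accepted names in archive order, {rejected name: reason}).
    """
    accepted = []
    rejected = {}
    with tarfile.open(fileobj=io.BytesIO(blob), mode='r:gz') as tar:
        for member in tar:
            name = member.name
            if not member.isreg():
                rejected[name] = 'not a regular file'
            elif (name != posixpath.basename(name) or '\\' in name
                  or name in ('', '.', '..')):
                rejected[name] = 'directory component or traversal in name'
            elif not name.endswith('.json'):
                rejected[name] = 'not a .json config file'
            elif member.size > MAX_MEMBER_BYTES:
                rejected[name] = 'member exceeds size budget'
            else:
                data = tar.extractfile(member).read()
                try:
                    parsed = json.loads(data.decode('utf-8'))
                except (UnicodeDecodeError, ValueError):
                    rejected[name] = 'not valid JSON'
                    continue
                if not isinstance(parsed, dict):
                    rejected[name] = 'top-level JSON value is not an object'
                    continue
                accepted.append(name)
    return accepted, rejected
```

The order of the checks matters: type and name are validated from the tar header alone, so a member is never read, let alone extracted, until its name has already passed, and the size check runs before the body is loaded. Rejecting the whole upload when `rejected` is non-empty (rather than silently skipping bad members) gives the administrator a clear signal that the archive was not what it claimed to be.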

CVE ID : CVE-2019-19903

Backdrop CMS doesn’t sufficiently filter output when displaying file type descriptions created by administrators. An attacker could potentially craft a specialized description, then have an administrator execute scripting when viewing the list of file types.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission “Administer file types”.
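CVE-2019-19900, CVE-2019-19901 and CVE-2019-19903 share one root cause: an administrator-supplied label (a content type name, a block description, a file type description) reaches the page without output filtering. The following Python, added here as an illustration and not Backdrop's own PHP code, shows the vulnerable rendering pattern next to the hardened one and a check that tells them apart by parsing the output. The label value and the `/node/add` template are constructed for the example.

```python
import html
from html.parser import HTMLParser

# Constructed sample: a label an administrator could save through a permission
# such as "Administer content types" or "Administer file types". Hypothetical value.
UNTRUSTED_LABEL = 'Article <script>alert(1)</script>'


def render_label_unsafe(label: str) -> str:
    """The vulnerable pattern: a stored, administrator-supplied label is
    concatenated straight into page markup with no output filtering."""
    return '<li><a href="/node/add">' + label + '</a></li>'


def render_label_safe(label: str) -> str:
    """The hardened pattern: every untrusted value is escaped for HTML at the
    point of output. quote=True also neutralises quote characters, so the same
    helper is safe for values placed inside attribute values."""
    return '<li><a href="/node/add">' + html.escape(label, quote=True) + '</a></li>'


class _StartTagCollector(HTMLParser):
    """Records the start tags a browser-like parser sees in a fragment."""

    def __init__(self) -> None:
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def start_tags(fragment: str) -> list:
    """Returns the start tags present in an HTML fragment, in document order."""
    collector = _StartTagCollector()
    collector.feed(fragment)
    collector.close()
    return collector.tags


def label_is_inert(fragment: str, template_tags=('li', 'a')) -> bool:
    """True when rendering introduced no tags beyond the template's own.
    This is the property a reviewer wants from every place a stored label
    is printed: the markup structure must come only from the template."""
    return start_tags(fragment) == list(template_tags)
```

Running `start_tags` over the unsafe output yields `['li', 'a', 'script']`, which is exactly what an editor's browser would execute; the escaped output parses to `['li', 'a']` with the label shown as literal text. The same parse-and-compare check works as a regression test for any template that prints administrator-controlled strings.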

Solution :

Upgrade your site to the most recent version of Backdrop core. Downloads are available on the Backdrop CMS 1.14.2 release page; see the update instructions if needed.
