- Backdrop Core 1.14.x versions prior to 1.14.2
- Backdrop Core 1.13.x versions prior to 1.13.5
Backdrop CMS does not sufficiently filter output when displaying content type names in the content creation interface. An attacker could craft a specially formed content type name and then have an editor execute scripting when creating content.
This vulnerability is mitigated by the fact that an attacker must have a role with the permission "Administer content types".
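The pattern behind the issue, as an added illustration that is not Backdrop's own code: a human-readable content type name is written into the "Add content" list without escaping, beside the hardened form that escapes it at output time. The `$types` array and both `render_add_links_*` functions are constructed for this example; `check_plain()` is Backdrop's wrapper around `htmlspecialchars()` with the flags used below.

```php
<?php
// Constructed sample data: machine name => human-readable name, as an
// "Administer content types" role could have saved it. The last entry
// carries markup to show whether the renderer lets it through.
$types = [
  'post' => 'Post',
  'page' => 'Page',
  'pr'   => 'Press <s>Release</s>',
];

// Vulnerable pattern (hypothetical): the stored name is concatenated into
// markup as-is, so any tags in it reach the editor's browser unchanged.
function render_add_links_unsafe(array $types) {
  $out = '';
  foreach ($types as $machine => $name) {
    $out .= '<li><a href="/node/add/' . $machine . '">' . $name . '</a></li>';
  }
  return $out;
}

// Hardened pattern: escape at output time; in Backdrop this is check_plain().
function render_add_links_safe(array $types) {
  $out = '';
  foreach ($types as $machine => $name) {
    $out .= '<li><a href="/node/add/'
      . htmlspecialchars($machine, ENT_QUOTES, 'UTF-8') . '">'
      . htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . '</a></li>';
  }
  return $out;
}

// Regression check a maintainer could keep in a test: the stored markup must
// survive only as an entity-encoded string, never as a live tag.
$unsafe = render_add_links_unsafe($types);
$safe   = render_add_links_safe($types);
assert(strpos($unsafe, '<s>') !== false);
assert(strpos($safe, '<s>') === false);
assert(strpos($safe, '&lt;s&gt;Release&lt;/s&gt;') !== false);
echo $safe, PHP_EOL;
```

Run with `php -d zend.assertions=1 example.php`; the hardened output renders the literal text `Press <s>Release</s>` as a link label instead of interpreting the tags.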
- Bot Kotatu
- Nate Lampton of the Backdrop CMS Security Team
- Jen Lampton of the Backdrop CMS Security Team