Date:
Wednesday, Mar 15th, 2023
Advisory ID:
BACKDROP-SA-CORE-2023-004
Security risk:
Moderately Critical
Vulnerability:
Access bypass
Versions affected:
- Backdrop Core 1.24.x versions prior to 1.24.1
- Backdrop Core 1.23.x versions prior to 1.23.2
Backdrop versions 1.22 and prior do not receive security coverage.
Description:
Backdrop provides a page that outputs information from phpinfo() to assist with diagnosing issues with PHP configuration.
If an attacker was able to achieve an XSS exploit against a privileged user, they may be able to use this page to access sensitive information that could be used to escalate the attack.
This vulnerability is mitigated by the fact that a successful XSS exploit is also required in order to exploit this vulnerability.
Solution:
Upgrade your site to the most recent version of Backdrop core. Download available on the Backdrop CMS 1.24.1 release page. See the update instructions, if needed.
Reported By:
Fixed By:
- Damien McKenna of the Drupal Security Team
- Elar Lang
- Lee Rowlands of the Drupal Security Team
- Alex Bronstein of the Drupal Security Team
- Joseph Zhao Provisional Member of the Drupal Security Team
- Drew Webber of the Drupal Security Team
- Jen Lampton of the Backdrop Security Team
- Nate Lampton of the Backdrop Security Team
- Greg Knaddison of the Drupal Security Team