CVE Catalog
CVE-2025-44141
MediumCVSS 6.1Exploitation Probability (EPSS)
Low risk0.18%
8th percentile - higher than 8% of all known CVEs
Summary
A Cross-Site Scripting (XSS) vulnerability exists in the node creation form of Backdrop CMS 1.30. It allows injection of malicious JavaScript code into the page.
Risk Assessment
An attacker can exploit this vulnerability to steal user sessions, take over administrator accounts, or distribute malware within the organization.
Recommendation
Immediately update Backdrop CMS to the latest version that includes a fix for this XSS vulnerability.
Original NVD description (English source)
A Cross-Site Scripting (XSS) vulnerability exists in the node creation form of Backdrop CMS 1.30.

