Browse all 8 CVE security advisories affecting backdropcms. AI-powered Chinese analysis, POCs, and references for each vulnerability.
BackdropCMS is an open-source content management system designed for building websites and managing digital content, particularly favored by non-profits and educational institutions. Historically, the platform has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and access control flaws. While no major public security incidents have been widely documented, the 8 recorded CVEs highlight ongoing security concerns, particularly in areas like file handling and user permissions. The project maintains regular security updates, but administrators should prioritize timely patching due to the potential severity of identified vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-46595 | Backdrop CMS 跨站脚本漏洞 — FlagCWE-79 | 6.4 | Medium | 2025-04-25 |
| CVE-2025-27824 | Backdrop CMS 跨站脚本漏洞 — Link iframe formatterCWE-79 | 6.4 | Medium | 2025-03-07 |
| CVE-2025-27826 | Backdrop CMS 跨站脚本漏洞 — Bootstrap Lite themeCWE-79 | 6.4 | Medium | 2025-03-07 |
| CVE-2025-27825 | Backdrop CMS 跨站脚本漏洞 — Bootstrap 5 Lite themeCWE-79 | 6.4 | Medium | 2025-03-07 |
| CVE-2025-27823 | Backdrop CMS 跨站脚本漏洞 — Mail DisguiseCWE-79 | 6.4 | Medium | 2025-03-07 |
| CVE-2025-27822 | Backdrop CMS 安全漏洞 — MasqueradeCWE-863 | 7.5 | High | 2025-03-07 |
| CVE-2025-25062 | Backdrop CMS 安全漏洞 — backdropCWE-79 | 4.4 | Medium | 2025-02-03 |
| CVE-2025-25063 | Backdrop CMS 安全漏洞 — backdropCWE-79 | 4.4 | Medium | 2025-02-03 |
This page lists every published CVE security advisory associated with backdropcms. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.