Backdrop CMS Backdrop 1.32.1
Approved changes feed: RSS · Atom
cpe:2.3:a:backdropcms:backdrop_cms:1.32.1:*:*:*:*:*:*:*
part: a version: 1.32.1 update: *
| Vendor | Backdropcms (c20e3035-f9db-563d-84ef-b3631140211a) |
|---|---|
| Product | Backdrop Cms (513f9e81-e800-5ece-ba58-a2cb5fa3e97e) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:bitbucket/tmbridge/backdrop |
purl2cpe | 2026-06-01 10:12:18.197674 |
pkg:docker/backdrop |
purl2cpe | 2026-06-01 10:12:18.197676 |
pkg:github/backdrop/backdrop |
purl2cpe | 2026-06-01 10:12:18.197677 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-63828 |
vulnerable | 2026-06-08 07:39:17.814981 |
Details available
Host Header Injection vulnerability in Backdrop CMS 1.32.1 allows attackers to manipulate the Host header in password reset requests, leading to redirects to malicious domains and potential session hijacking via cookie injection.
Published: 2025-11-18T00:00:00.000Z
Updated: 2025-11-19T16:50:10.716Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.