GCVE - cpe:2.3:a:backdropcms:backdrop:1.23.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:backdropcms:backdrop:1.23.0:*:*:*:*:*:*:*

part: a version: 1.23.0 update: *

Vendor	Backdropcms (`c20e3035-f9db-563d-84ef-b3631140211a`)
Product	Backdrop (`912ed4e4-817c-5c61-a1b7-f8fcfa9394e6`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/backdrop/backdrop`	purl2cpe	2026-06-01 10:12:18.176171

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-42097`	vulnerable	2026-06-08 05:49:29.173322	Details available Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via 'Comment.' . Published: 2022-11-22T00:00:00.000Z Updated: 2025-04-29T14:57:48.634Z Open on db.gcve.eu Reference links https://github.com/backdrop/backdrop/releases/tag/1.23.0 https://backdropcms.org https://grimthereaperteam.medium.com/cve-2022-42097-backdrop-xss-at-comments-2ea536ec55e1 https://github.com/bypazs/CVE-2022-42097	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-42094`	vulnerable	2026-06-08 05:49:29.170307	Details available Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the 'Card' content. Published: 2022-11-22T00:00:00.000Z Updated: 2025-04-29T15:00:22.912Z Open on db.gcve.eu Reference links https://github.com/backdrop/backdrop/releases/tag/1.23.0 https://backdropcms.org https://grimthereaperteam.medium.com/cve-2022-42094-backdrop-xss-at-cards-84266b5250f1 https://github.com/bypazs/CVE-2022-42094	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.