CVE-2024-54123 Information

Description

Backdrop CMS before 1.28.4 and 1.29.x before 1.29.2 allows XSS via an SVG document if the SVG tag is allowed for a text format.

Reference

https://backdropcms.org/security/backdrop-sa-core-2024-002