CVE-2025-27826

State: PUBLISHED · Published: 2025-03-07 · Updated: 2025-03-07 · Assigner: mitre

Description

An XSS issue was discovered in the Bootstrap Lite theme before 1.x-1.4.5 for Backdrop CMS. It doesn't sufficiently sanitize certain class names.

CWE

CWE-79 — CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

Affected

CVSS

References

Source

cvelistV5-main/cves/2025/27xxx/CVE-2025-27826.json