Insufficient Sanitization of Path Arguments in Borg Theme for Backdrop CMS

Insufficient Sanitization of Path Arguments in Borg Theme for Backdrop CMS

CVE-2023-26265 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

The Borg theme before 1.1.19 for Backdrop CMS does not sufficiently sanitize path arguments that are passed in via a URL. The function borg_preprocess_page in the file template.php does not properly sanitize incoming path arguments before using them.

Learn more about our Cms Pen Testing.