Posted on

Backdrop CMS up to 1.12.7/1.13.2 Block Label handler cross site scripting

A vulnerability was found in Backdrop CMS up to 1.12.7/1.13.2 (Content Management System). It has been declared as problematic. Affected by this vulnerability is an unknown code block of the component Block Label handler. Upgrading to version 1.12.8 or 1.13.3 eliminates this vulnerability.