Borg Project: >> Borg >> 1.0.4 Security Vulnerabilities
The Borg theme before 1.1.19 for Backdrop CMS does not sufficiently sanitize path arguments that are passed in via a URL. The function borg_preprocess_page in the file template.php does not properly sanitize incoming path arguments before using them.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-02-21
Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an attacker to spoof the list of archives.
CVSS Score
5.3
EPSS Score
0.013
Published
2017-01-02