XSS in Backdropcms Gdpr Cookies Module For Backdrop Cms
CVE-2025-71310
The GDPR cookies module for Backdrop CMS (before 1.x-1.3.5) doesn't sufficiently protect visitors from Cross Site Scripting (XSS) if a malicious value has been provided for the optional 'Info content' field for the YouTube service. This…
EPSS: 0.001 (18.0th percentile) — read the EPSS interpretation.
Affected products
- Backdropcms Gdpr Cookies Module For Backdrop Cms — versions 0