Moole Vulnerability Database

Find real vulnerabilities before they ship

High

CVE-2026-45430

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks.

VectorNETWORK

PublishedMay 12, 2026, 04:16

Published Bycve@mitre.org

Base Score

Score7.1

Affected Versions

No affected versions found.

References

https://backdropcms.org/security/backdrop-sa-contrib-2026-001

Weakness Type

CWE-352

CVSS Metrics

Base Score

7.1

Vector String

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L

Base SeverityHigh

Version

3.1

Attack Vector (AV)

NETWORK