CVE-2025-63828 | Backdrop CMS 1.32.1 Header Host password recovery (EUVD-2025-198053)

A vulnerability was found in Backdrop CMS 1.32.1. It has been declared as problematic. Affected is an unknown function of the component Header Handler. Such manipulation of the argument Host leads to weak password recovery.

This vulnerability is referenced as CVE-2025-63828. It is possible to launch the attack remotely. Furthermore, an exploit is available.VulDB Recent EntriesRead More