Backdrop CMS Host Header Injection Vulnerability Allowing Session Hijacking

Vulnerability

A host header injection vulnerability has been identified in Backdrop CMS version 1.32.1. This vulnerability allows attackers to manipulate the host header in password reset requests, potentially leading to redirects to malicious domains. Such an attack could facilitate session hijacking through cookie injection.

Impact

Successful exploitation lets an attacker control the host that the password reset flow uses when building its redirect, so victims can be sent to an attacker-controlled domain; combined with injected cookies, this can lead to session hijacking.

Reproduction

To reproduce this vulnerability, navigate to the password reset page of a Backdrop CMS 1.32.1 installation. Enter the username or email of a registered user and submit the form. Intercept the outgoing POST request using a tool like Burp Suite. Modify the Host header to include an attacker-controlled domain, then forward the request. The server will respond with a redirect to the malicious domain, confirming the vulnerability.
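The root cause described above is an application that trusts the client-supplied Host header when building absolute URLs. The following is an added example (not Backdrop CMS code) showing the unsafe pattern beside the hardened one, plus a small log check a defender can run to spot requests arriving under an untrusted host. The trusted hostnames, canonical base URL, reset path and log lines are all constructed assumptions.

```python
"""Host header validation for password-reset flows (added example, not Backdrop CMS code)."""
import re
from urllib.parse import urlsplit

# Assumed deployment settings: the hostnames this site may legitimately be served as,
# and the canonical base URL used for every absolute link or redirect the app emits.
TRUSTED_HOSTS = frozenset({"cms.example.org", "www.cms.example.org"})
CANONICAL_BASE_URL = "https://cms.example.org"
RESET_PATH = "/user/password/reset"  # placeholder path, not Backdrop's real route

# Plain DNS hostname syntax: labels of letters, digits and hyphens, dot separated.
_HOSTNAME_RE = re.compile(
    r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?(\.[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)*$"
)


def normalize_host(host_header):
    """Return the lowercase hostname from a Host header value, or None when the value
    is empty, carries userinfo/path/query characters, has a non-numeric port, or is
    not a syntactically valid hostname."""
    if not host_header:
        return None
    value = host_header.strip().lower()
    # Parsing "//<value>" lets urlsplit separate host, port and any smuggled parts.
    parts = urlsplit("//" + value)
    if parts.path or parts.query or parts.fragment or parts.username is not None:
        return None
    try:
        hostname = parts.hostname
        parts.port  # raises ValueError for a port that is not an integer
    except ValueError:
        return None
    if not hostname or not _HOSTNAME_RE.match(hostname):
        return None
    return hostname


def vulnerable_reset_url(request_headers, token):
    """The unsafe pattern behind the advisory: the absolute reset link or redirect
    target is built from whatever Host the client sent, so a spoofed header ends up
    in the Location header the server returns."""
    return "https://" + request_headers.get("Host", "") + RESET_PATH + "/" + token


def hardened_reset_url(request_headers, token):
    """Hardened pattern: validate Host against the allowlist and reject the request
    otherwise; the URL itself is always built from the configured canonical base."""
    host = normalize_host(request_headers.get("Host"))
    if host not in TRUSTED_HOSTS:
        raise ValueError("request rejected: untrusted Host header %r" % request_headers.get("Host"))
    return CANONICAL_BASE_URL + RESET_PATH + "/" + token


# Constructed access log lines, virtual host name first (Apache vhost_combined style).
SAMPLE_LOG = """\
cms.example.org 203.0.113.5 - - [18/Nov/2025:18:00:01 +0000] "POST /user/password HTTP/1.1" 302 0
spoofed-host.example 203.0.113.9 - - [18/Nov/2025:18:00:07 +0000] "POST /user/password HTTP/1.1" 302 0
www.cms.example.org 198.51.100.2 - - [18/Nov/2025:18:00:12 +0000] "GET / HTTP/1.1" 200 5120
"""


def suspicious_host_requests(log_text):
    """Flag log entries whose recorded virtual host is not a trusted host. Returns a
    list of (host, client_ip) pairs; these are the requests a Host header spoofing
    attempt leaves behind in the access log."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split(" ", 2)
        if len(fields) < 3:
            continue
        if normalize_host(fields[0]) not in TRUSTED_HOSTS:
            findings.append((fields[0], fields[1]))
    return findings


if __name__ == "__main__":
    spoofed = {"Host": "spoofed-host.example"}
    print("vulnerable:", vulnerable_reset_url(spoofed, "TOKEN"))
    try:
        hardened_reset_url(spoofed, "TOKEN")
    except ValueError as exc:
        print("hardened:", exc)
    print("log findings:", suspicious_host_requests(SAMPLE_LOG))
```

The same allowlist check should be applied to any proxy-supplied host header the application honours (for example X-Forwarded-Host), and the web server or reverse proxy should be configured with a default virtual host that does not serve the application, so requests for unknown hosts never reach it.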

Added: Nov 18, 2025, 6:18 PM
Updated: Nov 18, 2025, 6:18 PM

Vulnerability Rating

Custom Algorithm
spread: 5.2
impact: 1.7
exploitability: 7.9
remediation: 0.0
relevance: 1.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.