{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T06:57:22.605","vulnerabilities":[{"cve":{"id":"CVE-2025-27823","sourceIdentifier":"cve@mitre.org","published":"2025-03-07T22:15:38.073","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in the Mail Disguise module before 1.x-1.0.5 for Backdrop CMS. It enables a website to obfuscate email addresses, and should prevent spambots from collecting them. The module doesn't sufficiently validate the data attribute value on links, potentially leading to a Cross Site Scripting (XSS) vulnerability. This is mitigated by the fact an attacker must be able to insert link () HTML elements containing data attributes into the page."},{"lang":"es","value":"Se descubrió un problema en el módulo Mail Disguise anterior a la versión 1.x-1.0.5 para Background CMS. Permite que un sitio web oculte direcciones de correo electrónico y debería evitar que los robots de spam las recopilen. El módulo no valida de forma suficiente el valor del atributo de datos en los enlaces, lo que puede provocar una vulnerabilidad de Cross Site Scripting (XSS). Esto se mitiga con el hecho de que un atacante debe poder insertar elementos HTML de enlace () que contengan atributos de datos en la página."}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://backdropcms.org/security/backdrop-sa-contrib-2025-007","source":"cve@mitre.org"}]}}]}