Vulnerabilities in Backdrop CMS 1.3.7