Опубликовано: 24 окт. 2024
Источник: github
Github: Прошло ревью
CVSS4: 5.2
CVSS3: 7.1
Описание
baserCMS has a Cross-site Scripting (XSS) Vulnerability in Edit Email Form Settings Feature
XSS vulnerability in Edit Email Form Settings Feature to baserCMS.
Target
baserCMS 5.1.1 and earlier versions
Vulnerability
Malicious code may be executed in Edit Email Form Settings feature.
Countermeasures
Update to the latest version of baserCMS
Please refer to the following page to reference for more information. https://basercms.net/security/JVN_00876083
Credits
Ayato Shitomi@Fore-Z
Пакеты
Наименование
baserproject/basercms
composer
Затронутые версииВерсия исправления
<= 5.1.1
5.1.2
Связанные уязвимости
CVSS3: 7.1
nvd
больше 1 года назад
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Edit Email Form Settings Feature. Version 5.1.2 fixes the issue.