Описание
baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) via arbitrary script execution. Admin access is required to exploit this vulnerability. The affected components is toolbar.php. The issue is fixed in version 4.3.7.
Ссылки
- Vendor Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Vendor Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.3.6 (включая)
cpe:2.3:a:basercms:basercms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00868
Низкий
7.3 High
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 7.3
github
больше 5 лет назад
Cross Site Scripting(XSS) Vulnerability in Latest Release 4.3.6 Site basic settings
EPSS
Процентиль: 75%
0.00868
Низкий
7.3 High
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-79