CVE-2023-43648

Опубликовано: 30 окт. 2023

Источник: nvd

CVSS3: 4.9

CVSS3: 6.5

EPSS Низкий

Описание

baserCMS is a website development framework. Prior to version 4.8.0, there is a Directory Traversal Vulnerability in the form submission data management feature of baserCMS. Version 4.8.0 contains a patch for this issue.

Ссылки

https://basercms.net/security/JVN_81174674
Vendor Advisory
https://github.com/baserproject/basercms/commit/7555a5cf0006755dc0223fffc2d882b50a97758b
Patch
Third Party Advisory
https://github.com/baserproject/basercms/security/advisories/GHSA-hmqj-gv2m-hq55
Third Party Advisory
https://basercms.net/security/JVN_81174674
Vendor Advisory
https://github.com/baserproject/basercms/commit/7555a5cf0006755dc0223fffc2d882b50a97758b
Patch
Third Party Advisory
https://github.com/baserproject/basercms/security/advisories/GHSA-hmqj-gv2m-hq55
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:basercms:basercms:*:*:*:*:*:*:*:*

Версия до 4.8.0 (исключая)

EPSS

Процентиль: 49%

0.00263

Низкий

4.9 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-hmqj-gv2m-hq55

CVSS3: 4.9

github

больше 2 лет назад

baserCMS Directory Traversal vulnerability in Form submission data management Feature

EPSS

Процентиль: 49%

0.00263

Низкий

4.9 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-22