CVE-2023-43649

Опубликовано: 30 окт. 2023

Источник: nvd

CVSS3: 4.7

CVSS3: 9.8

EPSS Низкий

Описание

baserCMS is a website development framework. Prior to version 4.8.0, there is a cross site request forgery vulnerability in the content preview feature of baserCMS. Version 4.8.0 contains a patch for this issue.

Ссылки

https://basercms.net/security/JVN_99052047
Vendor Advisory
https://github.com/baserproject/basercms/commit/874c55433fead93e0be9df96fd28740f8047c8b6
Patch
Third Party Advisory
https://github.com/baserproject/basercms/security/advisories/GHSA-fw9x-cqjq-7jx5
Third Party Advisory
https://basercms.net/security/JVN_99052047
Vendor Advisory
https://github.com/baserproject/basercms/commit/874c55433fead93e0be9df96fd28740f8047c8b6
Patch
Third Party Advisory
https://github.com/baserproject/basercms/security/advisories/GHSA-fw9x-cqjq-7jx5
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:basercms:basercms:*:*:*:*:*:*:*:*

Версия до 4.8.0 (исключая)

EPSS

Процентиль: 29%

0.00107

Низкий

4.7 Medium

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-fw9x-cqjq-7jx5

CVSS3: 4.7

github

больше 2 лет назад

baserCMS CSRF vulnerability in Content preview Feature

EPSS

Процентиль: 29%

0.00107

Низкий

4.7 Medium

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-352