CVE-2023-43792

Опубликовано: 30 окт. 2023

Источник: nvd

CVSS3: 5.3

CVSS3: 9.8

EPSS Низкий

Описание

baserCMS is a website development framework. In versions 4.6.0 through 4.7.6, there is a Code Injection vulnerability in the mail form of baserCMS. As of time of publication, no known patched versions are available.

Ссылки

https://basercms.net/security/JVN_45547161
Vendor Advisory
https://github.com/baserproject/basercms/security/advisories/GHSA-vrm6-c878-fpq6
Third Party Advisory
https://basercms.net/security/JVN_45547161
Vendor Advisory
https://github.com/baserproject/basercms/security/advisories/GHSA-vrm6-c878-fpq6
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:basercms:basercms:*:*:*:*:*:*:*:*

Версия от 4.6.0 (включая) до 4.7.6 (включая)

EPSS

Процентиль: 56%

0.0034

Низкий

5.3 Medium

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-vrm6-c878-fpq6

CVSS3: 5.3

github

больше 2 лет назад

baserCMS Code Injection Vulnerability in Mail Form Feature

EPSS

Процентиль: 56%

0.0034

Низкий

5.3 Medium

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-94