logo

Advisories

Weaknesses

Fixes

Requirements

Compliance

CVE-2018-0570 baserproject/basercms

Package

Manager: composer
Name: baserproject/basercms
Vulnerable Version: >=4.0.0 <=4.1.0.1 || >=0 <=3.0.15

Severity

Level: Medium

CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00195 pctl0.41593

Details

XSS in baserCMS Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

Metadata

Created: 2022-05-14T03:06:07Z
Modified: 2023-10-06T16:46:40Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-994g-74gq-5qpr/GHSA-994g-74gq-5qpr.json
CWE IDs: ["CWE-79"]
Alternative ID: GHSA-994g-74gq-5qpr
Finding: F008
Auto approve: 1