CVE-2018-0572 – baserproject/basercms

Package

Manager: composer
Name: baserproject/basercms
Vulnerable Version: >=4.0.0 <4.1.1 || >=0 <3.0.16

Severity

Level: High

CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00204 pctl0.42655

Details

baserCMS vulnerable to Access Control Bypass baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to bypass access restriction to view or alter a restricted content via unspecified vectors.

Metadata

Created: 2022-05-13T01:48:18Z
Modified: 2023-07-07T15:29:50Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mjj9-33j8-pfwh/GHSA-mjj9-33j8-pfwh.json
CWE IDs: []
Alternative ID: GHSA-mjj9-33j8-pfwh
Finding: F039
Auto approve: 1