You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
baserproject
published
GHSA-6fmv-q269-55cwOct 29, 2020
Package
baserCMS
Affected versions
4.4.0
Patched versions
4.4.1
Description
baserCMS 4.4.0 and earlier is affected by Remote Code Execution (RCE).
Impact: XSS via Arbitrary script execution.
Attack vector is: Administrator must be logged in.
Components are: Edit template.
Tested baserCMS Version : 4.4.0 (Latest)
Affected baserCMS Version : 4.0.0 ~ 4.4.0
Patches : https://basercms.net/security/20201029
Found by Aquilao Null
Aquilao Analyst
baserCMS 4.4.0 and earlier is affected by Remote Code Execution (RCE).
Impact: XSS via Arbitrary script execution.
Attack vector is: Administrator must be logged in.
Components are: Edit template.
Tested baserCMS Version : 4.4.0 (Latest)
Affected baserCMS Version : 4.0.0 ~ 4.4.0
Patches : https://basercms.net/security/20201029
Found by Aquilao Null