CVE-2018-0570
MEDIUM5.4EPSS 0.19%XSS in baserCMS
Published: 5/14/2022Modified: 2/16/2024
Also known as:GHSA-994g-74gq-5qpr
Description
Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected packages (1)
- Packagist/baserproject/basercms>= 4.0.0, <= 4.1.0.1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.4 | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |