CVE-2018-0570

MEDIUM5.4EPSS 0.19%

XSS in baserCMS

發布日:2022/5/14修改日:2024/2/16

描述

Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

受影響套件(1)

Packagist/baserproject/basercms>= 4.0.0, <= 4.1.0.1

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	MEDIUM5.4	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

參考連結(4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2018-0570
PATCHhttps://github.com/baserproject/basercms
WEBhttp://jvn.jp/en/jp/JVN67881316/index.html
WEBhttps://basercms.net/security/JVN67881316