CVE-2018-0575

描述

baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to bypass access restriction in mail form to view a file which is uploaded by a site user via unspecified vectors.

受影響套件(1)

• Packagist/baserproject/basercms>= 4.0.0, <= 4.1.0.1

CVSS 分數

參考連結(4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2018-0575
• PATCHhttps://github.com/baserproject/basercms
• WEBhttp://jvn.jp/en/jp/JVN67881316/index.html
• WEBhttps://basercms.net/security/JVN67881316