CVE-2026-32734
HIGH7.1EPSS 0.01%baserCMS is Vulnerable to Cross-site Scripting
發布日:2026/3/31修改日:2026/3/31
描述
baserCMS has DOM-based cross-site scripting in tag creation. ### Target baserCMS 5.2.2 and earlier versions ### Vulnerability Malicious JavaScript may be executed when creating a tag. ### Countermeasures Update to the latest version of baserCMS Please refer to the following page to reference for more information. https://basercms.net/security/JVN_94952030 ### Credits - quanlna2 (Le Nguyen Anh Quan) - namdi (Do Ich Nam) - minhnn42 (Nguyen Ngoc Minh) - VCSLab - Viettel Cyber Security
受影響套件(1)
- Packagist/baserproject/basercmsfrom 0, < 5.2.3
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.1 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L |