Lucene search
China National Vulnerability DatabaseCNVD-2023-86125HistoryNov 01, 2023 - 12:00 a.m.
BaserCMS Cross-Site Request Forgery Vulnerability (CNVD-2023-86125)
2023-11-0100:00:00
China National Vulnerability Database
www.cnvd.org.cn
3
basercms
cross-site request forgery
vulnerability
content management system
cnvd-2023-86125
exploitation
security
baserCMS is an enterprise-level content management system (CMS) from the baserCMS team. A cross-site request forgery vulnerability exists in baserCMS versions prior to 4.8.0, which stems from the content preview feature not adequately verifying whether a request comes from a trusted user. This vulnerability can be exploited by an attacker to forge a malicious request and trick a victim into clicking on it to perform a sensitive operation.
| CPE | Name | Operator | Version |
|---|---|---|---|
| basercms basercms | lt | 4.8.0 |
Related
github
github
baserCMS CSRF vulnerability in Content preview Feature
2023-10-26 20:48:44
nvd
nvd
CVE-2023-43649
2023-10-30 19:15:08
osv
osv
CVE-2023-43649
2023-10-30 19:15:08
baserCMS CSRF vulnerability in Content preview Feature
2023-10-26 20:48:44
veracode
veracode
Cross-site Request Forgery (CSRF)
2023-10-27 13:13:25
cvelist
cvelist
CVE-2023-43649 baserCMS CSRF vulnerability in Content preview Feature
2023-10-30 18:29:26
cve
cve
CVE-2023-43649
2023-10-30 19:15:08
prion
prion
Cross site request forgery (csrf)
2023-10-30 19:15:00
jvn
jvn
JVN#45547161: Multiple vulnerabilities in baserCMS
2023-10-27 00:00:00