baserCMS is an enterprise-level content management system (CMS) from the baserCMS team. A cross-site request forgery vulnerability exists in baserCMS versions prior to 4.8.0, which stems from the content preview feature not adequately verifying whether a request comes from a trusted user. This vulnerability can be exploited by an attacker to forge a malicious request and trick a victim into clicking on it to perform a sensitive operation.
CPE | Name | Operator | Version |
---|---|---|---|
basercms basercms | lt | 4.8.0 |