Lucene search
HistoryMar 23, 2023 - 8:15 p.m.
CVE-2023-25655
basercms
content management system
cve-2023-25655
security vulnerability
patch
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
52.3%
baserCMS is a Content Management system. Prior to version 4.7.5, any file may be uploaded on the management system of baserCMS. Version 4.7.5 contains a patch.
Affected configurations
Node
baserprojectbasercmsRange<4.7.5
| CPE | Name | Operator | Version |
|---|---|---|---|
| basercms:basercms | basercms | lt | 4.7.5 |
CNA Affected
[
{
"vendor": "baserproject",
"product": "basercms",
"versions": [
{
"version": "< 4.7.5",
"status": "affected"
}
]
}
]References
Related
osv
osv
CVE-2023-25655
2023-03-23 20:15:15
baserCMS allows any file to be uploaded
2023-03-23 20:00:10
jvn
jvn
JVN#61105618: baserCMS vulnerable to arbitrary file uploads
2023-03-27 00:00:00
prion
prion
Code injection
2023-03-23 20:15:00
cvelist
cvelist
CVE-2023-25655 baserCMS allows any file to be uploaded
2023-03-23 19:23:58
github
github
baserCMS allows any file to be uploaded
2023-03-23 20:00:10
nvd
nvd
CVE-2023-25655
2023-03-23 20:15:15
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
52.3%
Related for CVE-2023-25655