Lucene search
GitHub_MCVELIST:CVE-2023-43792HistoryOct 30, 2023 - 8:00 p.m.
CVE-2023-43792 baserCMS Code Injection Vulnerability in Mail Form Feature
2023-10-3020:00:14
CWE-94
GitHub_M
www.cve.org
2
cve-2023-43792
basercms
code injection
mail form
vulnerability
website development framework
patched versions
security
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
9.9
Confidence
High
EPSS
0.001
Percentile
44.5%
baserCMS is a website development framework. In versions 4.6.0 through 4.7.6, there is a Code Injection vulnerability in the mail form of baserCMS. As of time of publication, no known patched versions are available.
CNA Affected
[
{
"vendor": "baserproject",
"product": "basercms",
"versions": [
{
"version": ">= 4.6.0, <= 4.7.6",
"status": "affected"
}
]
}
]Related
github
github
baserCMS Code Injection Vulnerability in Mail Form Feature
2023-10-26 20:52:27
nvd
nvd
CVE-2023-43792
2023-10-30 21:15:07
prion
prion
Code injection
2023-10-30 21:15:00
osv
osv
CVE-2023-43792
2023-10-30 21:15:07
baserCMS Code Injection Vulnerability in Mail Form Feature
2023-10-26 20:52:27
cve
cve
CVE-2023-43792
2023-10-30 21:15:07
veracode
veracode
Code Injection
2023-10-30 07:12:56
vulnrichment
vulnrichment
CVE-2023-43792 baserCMS Code Injection Vulnerability in Mail Form Feature
2023-10-30 20:00:14
jvn
jvn
JVN#45547161: Multiple vulnerabilities in baserCMS
2023-10-27 00:00:00
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
9.9
Confidence
High
EPSS
0.001
Percentile
44.5%
Related for CVELIST:CVE-2023-43792