Lucene search
HistoryOct 30, 2023 - 7:15 p.m.
CVE-2023-43647
basercms
cross-site scripting
vulnerability
patch
version 4.8.0
file upload
framework
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
24.5%
baserCMS is a website development framework. Prior to version 4.8.0, there is a cross-site scripting vulnerability in the file upload feature of baserCMS. Version 4.8.0 contains a patch for this issue.
Affected configurations
Node
basercmsbasercmsRange<4.8.0
Related
cvelist
cvelist
prion
prion
Cross site scripting
2023-10-30 19:15:00
github
github
baserCMS Cross-site Scripting vulnerability in File upload Feature
2023-10-26 20:47:36
vulnrichment
vulnrichment
cve
cve
CVE-2023-43647
2023-10-30 19:15:08
osv
osv
baserCMS Cross-site Scripting vulnerability in File upload Feature
2023-10-26 20:47:36
CVE-2023-43647
2023-10-30 19:15:08
veracode
veracode
Cross Site Scripting
2023-10-30 11:09:12
jvn
jvn
JVN#45547161: Multiple vulnerabilities in baserCMS
2023-10-27 00:00:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
24.5%
Related for NVD:CVE-2023-43647