Lucene search
GoogleOSV:GHSA-CPXC-67RC-C775HistoryAug 28, 2020 - 8:48 p.m.
Cross Site Scripting in baserCMS
2020-08-2820:48:12
Google
osv.dev
6
cross site scripting
arbitrary script execution
administrator login
content_fields.php
content_info.php
content_options.php
content_related.php
index_list_tree.php
jquery.bctree.js
aquilao null
software
security patch.
EPSS
0.001
Percentile
28.8%
baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS).
- Impact: XSS via Arbitrary script execution.
- Attack vector is: Administrator must be logged in.
- Components are: content_fields.php, content_info.php, content_options.php, content_related.php, index_list_tree.php, jquery.bcTree.js
- Tested baserCMS Version : 4.3.6 (Latest)
- Affected baserCMS Version : 4.0.0 ~ 4.3.6
- Patches : https://basercms.net/security/20200827
Found by Aquilao Null
Related
nvd
nvd
CVE-2020-15154
2020-08-28 21:15:11
cve
cve
CVE-2020-15154
2020-08-28 21:15:11
github
github
Cross Site Scripting in baserCMS
2020-08-28 20:48:12
osv
osv
CVE-2020-15154
2020-08-28 21:15:11
prion
prion
Cross site scripting
2020-08-28 21:15:00
cvelist
cvelist
CVE-2020-15154 Cross Site Scripting in baserCMS
2020-08-28 21:10:14