Lucene search
GoogleOSV:GHSA-HGJR-632X-QPP3HistoryAug 30, 2021 - 4:18 p.m.
Cross-site scripting vulnerability in file upload
2021-08-3016:18:59
Google
osv.dev
4
0.001 Low
EPSS
Percentile
33.2%
There is a cross-site scripting vulnerability in file upload on the management system of baserCMS.
This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users.
If you are eligible, please update to the new version as soon as possible.
Target
baserCMS 4.5.1 and earlier versions
Vulnerability
Execution of malicious JavaScript code may alter the display of the page or leak cookie information.
Countermeasures
Update to the latest version of baserCMS
Please refer to the next page for details.
https://basercms.net/security/JVN_14134801
References
Related
cve
cve
CVE-2021-39136
2021-08-25 18:15:07
cnvd
cnvd
BaserCMS Cross-Site Scripting Vulnerability (CNVD-2021-93919)
2021-08-26 00:00:00
osv
osv
CVE-2021-39136
2021-08-25 18:15:07
jvn
jvn
JVN#14134801: baserCMS vulnerable to cross-site scripting
2021-08-27 00:00:00
cvelist
cvelist
CVE-2021-39136 Cross-site scripting vulnerability in file upload
2021-08-25 18:05:13
veracode
veracode
Cross-site Scripting (XSS)
2021-08-26 03:01:55
prion
prion
Cross site scripting
2021-08-25 18:15:00
nvd
nvd
CVE-2021-39136
2021-08-25 18:15:07
github
github
Cross-site scripting vulnerability in file upload
2021-08-30 16:18:59