8.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
41.6%
baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. Arbitrary JavaScript may be executed by entering a crafted nickname in blog comments. The issue affects the blog comment component. It is fixed in version 4.4.1.
basercms.net/security/20201029
github.com/baserproject/basercms/commit/d14f506385f21d67d5ff3462f204d4c2321b7c54
github.com/baserproject/basercms/security/advisories/GHSA-fw5q-j9p4-3vxg