2 matches found
Cross Site Scripting and RCE in baserCMS
baserCMS 4.3.6 and earlier is affected by Cross Site Scripting XSS and Remote Code Execution RCE. Impact: XSS to RCE via Arbitrary file upload. Attack vector is: Administrator must be logged in. Components are: ThemeFilesController.php, UploaderFilesController.php. Tested baserCMS Version : 4.3.6...
GHSA-673X-F5WX-FXPW Cross Site Scripting and RCE in baserCMS
baserCMS 4.3.6 and earlier is affected by Cross Site Scripting XSS and Remote Code Execution RCE. Impact: XSS to RCE via Arbitrary file upload. Attack vector is: Administrator must be logged in. Components are: ThemeFilesController.php, UploaderFilesController.php. Tested baserCMS Version : 4.3.6...