CVE-2016-4879

CVE-2016-4879 describes a Cross-site request forgery (CSRF) vulnerability in baserCMS and its Mail plugin (version 3.0.10 and earlier). The affected components are baserCMS core and plugins Mail, Blog, Feed, and Uploader (all 3.0.10 and earlier per JVN/NVD summaries). The vulnerability allows a l...

CVE-2016-4877

CVE-2016-4877 is a stored cross-site scripting vulnerability affecting baserCMS and the Mail plugin (version 3.0.10 and earlier). The flaw allows a user in the Administrative group to insert arbitrary script or HTML that may execute in other administrative contexts. Root cause: insufficient input...