EPSS
Percentile
33.0%
baserproject/basercms is vulnerable to cross-site scripting. The file upload function on the management system does not escape user-provided data, allowing an attacker to inject and execute malicious javascript.
jvn.jp/en/jp/JVN14134801/index.html
basercms.net/security/JVN_14134801
github.com/baserproject/basercms/commit/568d4cab5ba1cdee7bbf0133c676d02a98f6d7bc
github.com/baserproject/basercms/security/advisories/GHSA-hgjr-632x-qpp3