Lucene search
Veracode Vulnerability DatabaseVERACODE:38314HistoryDec 01, 2022 - 11:19 a.m.
Cross-site Scripting (XSS)
2022-12-0111:19:32
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
basercms
software
xss
vulnerability
permission settings
user-supplied data
malicious javascript
EPSS
0.001
Percentile
29.4%
baserproject/basercms is vulnerable to cross-site scripting. The vulnerability exists due to insufficient sanitization of user-supplied data in the permission settings feature which allows an attacker to inject and execute malicious JavaScript on the victim’s browser.
References
basercms.net/security/JVN_53682526
github.com/baserproject/basercms/commit/b6f8a54e90dee51317eddf517b776fe8b4cd3ef6
github.com/baserproject/basercms/security/advisories/GHSA-395x-wv32-44v5
jvn.jp/en/jp/JVN53682526/index.html
jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000094.html
www.cybersecurity-help.cz/vdb/SB2022112415
Related
github
github
baserCMS vulnerable to stored Cross-site Scripting
2022-12-07 06:30:26
baserproject/basercms vulnerable to cross-site scripting (XSS) vulnerability
2022-11-28 22:14:48
nvd
nvd
CVE-2022-41994
2022-12-07 04:15:10
prion
prion
Cross site scripting
2022-12-07 04:15:00
cvelist
cvelist
CVE-2022-41994
2022-12-07 00:00:00
osv
osv
baserCMS vulnerable to stored Cross-site Scripting
2022-12-07 06:30:26
CVE-2022-41994
2022-12-07 04:15:10
baserproject/basercms vulnerable to cross-site scripting (XSS) vulnerability
2022-11-28 22:14:48
cve
cve
CVE-2022-41994
2022-12-07 04:15:10
jvn
jvn
JVN#53682526: Multiple cross-site scripting vulnerabilities in baserCMS
2022-11-25 00:00:00