Lucene search
Veracode Vulnerability DatabaseVERACODE:38315HistoryDec 01, 2022 - 11:34 a.m.
Cross-site Scripting (XSS)
2022-12-0111:34:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
cross-site scripting
baserproject/basercms
user group management
insufficient sanitization
malicious javascript
browser
0.001 Low
EPSS
Percentile
26.2%
baserproject/basercms is vulnerable to cross-site scripting. The vulnerability exists due to insufficient sanitization of user-supplied data in user group management feature which allows an attacker to inject and execute malicious javaScript on victim’s browser.
| CPE | Name | Operator | Version |
|---|---|---|---|
| baserproject/basercms | le | 4.5.4 | |
| baserproject/basercms | le | 4.5.4 |
References
basercms.net/security/JVN_53682526
github.com/baserproject/basercms/commit/b6f8a54e90dee51317eddf517b776fe8b4cd3ef6
github.com/baserproject/basercms/security/advisories/GHSA-395x-wv32-44v5
jvn.jp/en/jp/JVN53682526/index.html
jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000094.html
www.cybersecurity-help.cz/vdb/SB2022112415
Related
prion
prion
Cross site scripting
2022-12-07 04:15:00
nvd
nvd
CVE-2022-42486
2022-12-07 04:15:10
osv
osv
CVE-2022-42486
2022-12-07 04:15:10
baserCMS vulnerable to stored Cross-site Scripting
2022-12-07 06:30:26
baserproject/basercms vulnerable to cross-site scripting (XSS) vulnerability
2022-11-28 22:14:48
cve
cve
CVE-2022-42486
2022-12-07 04:15:10
github
github
baserCMS vulnerable to stored Cross-site Scripting
2022-12-07 06:30:26
baserproject/basercms vulnerable to cross-site scripting (XSS) vulnerability
2022-11-28 22:14:48
cvelist
cvelist
CVE-2022-42486
2022-12-07 00:00:00
jvn
jvn
JVN#53682526: Multiple cross-site scripting vulnerabilities in baserCMS
2022-11-25 00:00:00