CVE-2022-39325

Cross-site scripting vulnerability in BaserCMS

CVSS 4.6 MEDIUMEPSS 0.5%CWE-79

Vexday Risk Score

13Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 4.6EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

25 nov 2022Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

BaserCMS is a content management system with a japanese language focus. In affected versions there is a cross-site scripting vulnerability on the management system of baserCMS. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users. Users of baserCMS are advised to upgrade as soon as possible. There are no known workarounds for this vulnerability.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Productos afectados

baserproject · basercms

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://basercms.net/security/JVN_53682526 https://github.com/baserproject/basercms/commit/b6f8a54e90dee51317eddf517b776fe8b4cd3ef6 https://github.com/baserproject/basercms/security/advisories/GHSA-395x-wv32-44v5