CVE-2024-46995

MEDIUM

Published 2024-10-24T18:31:12.796Z

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-46995. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1

6.1

/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Base Score Metrics

Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14

0.001

probability

of exploitation in the wild

There is a 0.1% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25

Exploit Probability

Percentile: 0.251

Higher than 25.1% of all CVEs

Attack Vector Metrics

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Impact Metrics

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Description

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in HTTP 400 Bad Request. Version 5.1.2 fixes this issue.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

baserproject

basercms

Affected Versions:

< 5.1.2

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

✓ GitHub Reviewed MODERATE

baserCMS has a Cross-site Scripting (XSS) Vulnerability in HTTP 400 Bad Request

GHSA-mr7q-fv7j-jcgv

Advisory Details

XSS vulnerability in HTTP 400 Bad Request to baserCMS. ### Target baserCMS 5.1.1 and earlier versions ### Vulnerability Malicious code may be executed in HTTP 400 Bad Request. ### Countermeasures Update to the latest version of baserCMS Please refer to the following page to reference for more information. https://basercms.net/security/JVN_00876083

Affected Packages

Packagist baserproject/basercms

ECOSYSTEM: ≥0 <5.1.2

CVSS Scoring

CVSS Score

5.0

CVSS Vector


                                    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References

WEB https://github.com/baserproject/basercms/security/advisories/GHSA-mr7q-fv7j-jcgv

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-46995

WEB https://basercms.net/security/JVN_00876083

WEB https://basercms.net/security/JVN_06274755

PACKAGE https://github.com/baserproject/basercms

Advisory provided by GitHub Security Advisory Database. Published: October 24, 2024, Modified: October 24, 2024

References

https://github.com/baserproject/basercms/security/advisories/GHSA-mr7q-fv7j-jcgv

https://basercms.net/security/JVN_06274755

Published: 2024-10-24T18:31:12.796Z

Last Modified: 2024-10-24T19:23:24.838Z

Copied to clipboard!

CVE-2024-46995

Expert Analysis

CVSS Score

EPSS Score

Attack Vector Metrics

Impact Metrics

Description

Available Exploits

Related News

Affected Products

basercms

Affected Versions:

GitHub Security Advisories

baserCMS has a Cross-site Scripting (XSS) Vulnerability in HTTP 400 Bad Request

Advisory Details

Affected Packages

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!