Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected Packages

Packagist baserproject/basercms

Affected versions: 4.0.0 (last affected: 4.1.0.1)

Packagist baserproject/basercms

Affected versions: 0 (last affected: 3.0.15)

Related CVEs

CVE-2018-0574

Key Information

GHSA ID

GHSA-6qjv-43mf-rgrh

Published

May 14, 2022 3:06 AM

Last Modified

October 6, 2023 4:46 PM

CVSS Score

5.0 /10

Primary Ecosystem

Packagist

Primary Package

baserproject/basercms

GitHub Reviewed

✓ Yes

Dataset

Last updated: July 9, 2025 6:27 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.