Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected Packages

Packagist baserproject/basercms

Affected versions: 4.0.0 (last affected: 4.1.0.1)

Packagist baserproject/basercms

Affected versions: 0 (last affected: 3.0.15)

Related CVEs

CVE-2018-0570

Key Information

GHSA ID

GHSA-994g-74gq-5qpr

Published

May 14, 2022 3:06 AM

Last Modified

October 6, 2023 4:46 PM

CVSS Score

5.0 /10

Primary Ecosystem

Packagist

Primary Package

baserproject/basercms

GitHub Reviewed

✓ Yes

Dataset

Last updated: July 12, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.