GHSA-v9w8-hq92-v39m
GitHub Security Advisory
Cross-site Scripting (XSS) in baserCMS
✓ GitHub Reviewed
MODERATE
Has CVE
Advisory Details
Improper neutralization of JavaScript input in the blog article editing function of baserCMS versions prior to 4.4.5 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors.
Affected Packages
Packagist
baserproject/basercms
Affected versions:
0
(fixed in 4.4.5)
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: September 13, 2025 6:06 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.