Known Vulnerabilities
CVE-2022-41994
Stored cross-site scripting vulnerability in Permission Settings of baserCMS versions prior to 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
UNKNOWN
CVSS 4.8
Published Dec 07, 2022
CVE-2022-42486
Stored cross-site scripting vulnerability in User group management of baserCMS versions prior to 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
UNKNOWN
CVSS 4.8
Published Dec 07, 2022