CVE-2018-0570

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-0570

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-0570.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-0570

Aliases

GHSA-994g-74gq-5qpr

Published

2018-06-26T14:29:00Z

Modified

2024-09-03T02:00:46.371884Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

References

Affected packages

Git / github.com/baserproject/basercms

Affected ranges

Type: GIT
Repo: https://github.com/baserproject/basercms
Events: Last affected

0394401af4b827ab6e3e779a4abac8e90eb4b54a

Introduced

c282aeca512ddadc69d02edf860c870d5662903b

Last affected

8dafa2d69e449536e0320266a75a4516df5b00ad

Affected versions

3.*

3.0.0

3.0.1

3.0.10

3.0.11

3.0.11.1

3.0.12

3.0.13

3.0.14

3.0.15

3.0.2

3.0.3

3.0.4

3.0.5

3.0.5.1

3.0.6

3.0.6-beta

3.0.6.1

3.0.7

3.0.8

3.0.9

4.*

4.0.0

4.0.0-beta

4.0.1

4.0.10

4.0.10.1

4.0.11

4.0.2

4.0.2.1

4.0.3

4.0.4

4.0.5

4.0.5.1

4.0.5.2

4.0.6

4.0.7

4.0.8

4.0.9

4.1.0

4.1.0.1