CVE-2024-26128
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-26128
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26128.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-26128
- Aliases
- Published
- 2024-02-22T18:32:43Z
- Modified
- 2025-11-04T20:17:00.075415Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- baserCMS Cross-site Scripting vulnerability in Content Management
- Details
-
baserCMS is a website development framework. Prior to version 5.0.9, there is a cross-site scripting vulnerability in the content management feature. Version 5.0.9 contains a fix for this vulnerability.
- Database specific
{ "cwe_ids": [ "CWE-79" ] }- References
Affected packages
Git / github.com/baserproject/basercms
Affected ranges
- Type
- GIT
- Repo
- https://github.com/baserproject/basercms
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
2.*
2.0.0
2.0.0-beta
2.0.0-rc1
2.0.0-rc2
2.0.0-rc3
2.0.0-rc4
2.0.0-rc5
2.0.0-rc6
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5
2.0.5.1
2.1.0
2.1.1
2.1.2
3.*
3.0.0
3.0.1
3.0.10
3.0.11
3.0.11.1
3.0.17
3.0.18
3.0.19
3.0.2
3.0.20
3.0.21
3.0.22
3.0.23
3.0.24
3.0.25
3.0.26
3.0.3
3.0.4
3.0.5
3.0.5.1
3.0.6
3.0.6-beta
3.0.6.1
3.0.7
3.0.8
3.0.9
4.*
4.0.0
4.0.0-beta
4.0.1
4.0.10
4.0.10.1
4.0.11
4.0.2
4.0.2.1
4.0.3
4.0.4
4.0.5
4.0.5.1
4.0.5.2
4.0.6
4.0.7
4.0.8
4.0.9
4.1.0
4.1.0.1
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.1.7
4.1.8
4.2.0
4.2.1
4.2.2
4.2.3
4.2.4
4.2.5
4.3.0
4.3.1
4.3.2
4.3.3
4.3.4
4.3.5
4.3.6
4.3.7
4.3.7.1
4.4.0
4.4.1
4.4.1.1
4.4.2
4.4.2.1
4.4.3
4.4.4
4.4.5
4.4.6
4.4.7
4.4.8
4.5.0
4.5.1
4.5.2
4.5.3
4.5.4
4.5.5
4.5.6
4.6.0
4.6.1
4.6.1.1
4.6.2
4.6.3
4.7.0
4.7.2
4.7.3
4.7.5
5.*
5.0.0-beta1
5.0.0-beta2
5.0.0-beta3
5.0.0-beta4