CVE-2024-46995

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-46995

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-46995.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-46995

Aliases

GHSA-mr7q-fv7j-jcgv

Published

2024-10-24T18:31:12.796Z

Modified

2025-12-05T06:32:01.957259Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

baserCMS has Cross-site Scripting Vulnerability in HTTP 400 Bad Request

Details

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in HTTP 400 Bad Request. Version 5.1.2 fixes this issue.

Database specific

{
    "cwe_ids": [
        "CWE-79"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/46xxx/CVE-2024-46995.json",
    "cna_assigner": "GitHub_M"
}

References

Affected packages

Git / github.com/baserproject/basercms

Affected ranges

Type: GIT
Repo: https://github.com/baserproject/basercms
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4c778aa9bc86d7c76499761dbb2364d11502f153

Affected versions

2.*

2.0.0

2.0.0-beta

2.0.0-rc1

2.0.0-rc2

2.0.0-rc3

2.0.0-rc4

2.0.0-rc5

2.0.0-rc6

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5

2.0.5.1

2.1.0

2.1.1

2.1.2

3.*

3.0.0

3.0.1

3.0.10

3.0.11

3.0.11.1

3.0.17

3.0.18

3.0.19

3.0.2

3.0.20

3.0.21

3.0.22

3.0.23

3.0.24

3.0.25

3.0.26

3.0.3

3.0.4

3.0.5

3.0.5.1

3.0.6

3.0.6-beta

3.0.6.1

3.0.7

3.0.8

3.0.9

4.*

4.0.0

4.0.0-beta

4.0.1

4.0.10

4.0.10.1

4.0.11

4.0.2

4.0.2.1

4.0.3

4.0.4

4.0.5

4.0.5.1

4.0.5.2

4.0.6

4.0.7

4.0.8

4.0.9

4.1.0

4.1.0.1

4.1.1

4.1.2

4.1.3

4.1.4

4.1.5

4.1.6

4.1.7

4.1.8

4.2.0

4.2.1

4.2.2

4.2.3

4.2.4

4.2.5

4.3.0

4.3.1

4.3.2

4.3.3

4.3.4

4.3.5

4.3.6

4.3.7

4.3.7.1

4.4.0

4.4.1

4.4.1.1

4.4.2

4.4.2.1

4.4.3

4.4.4

4.4.5

4.4.6

4.4.7

4.4.8

4.5.0

4.5.1

4.5.2

4.5.3

4.5.4

4.5.5

4.5.6

4.6.0

4.6.1

4.6.1.1

4.6.2

4.6.3

4.7.0

4.7.2

4.7.3

4.7.5

5.*

5.0.0-beta1

5.0.0-beta2

5.0.0-beta3

5.0.0-beta4

5.0.12

5.0.9

5.1.1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-46995.json"