CVE-2024-46995

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-46995

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-46995.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-46995

Aliases

GHSA-mr7q-fv7j-jcgv

Published

2024-10-24T19:15:14Z

Modified

2024-10-28T23:50:28.201191Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in HTTP 400 Bad Request. Version 5.1.2 fixes this issue.

References

Affected packages

Git / github.com/baserproject/basercms

Affected ranges

Type: GIT
Repo: https://github.com/baserproject/basercms
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4c778aa9bc86d7c76499761dbb2364d11502f153

Affected versions

2.*

2.0.0

2.0.0-beta

2.0.0-rc1

2.0.0-rc2

2.0.0-rc3

2.0.0-rc4

2.0.0-rc5

2.0.0-rc6

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5

2.0.5.1

2.1.0

2.1.1

2.1.2

3.*

3.0.0

3.0.1

3.0.10

3.0.11

3.0.11.1

3.0.17

3.0.18

3.0.19

3.0.2

3.0.20

3.0.21

3.0.22

3.0.23

3.0.24

3.0.25

3.0.26

3.0.3

3.0.4

3.0.5

3.0.5.1

3.0.6

3.0.6-beta

3.0.6.1

3.0.7

3.0.8

3.0.9

4.*

4.0.0

4.0.0-beta

4.0.1

4.0.10

4.0.10.1

4.0.11

4.0.2

4.0.2.1

4.0.3

4.0.4

4.0.5

4.0.5.1

4.0.5.2

4.0.6

4.0.7

4.0.8

4.0.9

4.1.0

4.1.0.1

4.1.1

4.1.2

4.1.3

4.1.4

4.1.5

4.1.6

4.1.7

4.1.8

4.2.0

4.2.1

4.2.2

4.2.3

4.2.4

4.2.5

4.3.0

4.3.1

4.3.2

4.3.3

4.3.4

4.3.5

4.3.6

4.3.7

4.3.7.1

4.4.0

4.4.1

4.4.1.1

4.4.2

4.4.2.1

4.4.3

4.4.4

4.4.5

4.4.6

4.4.7

4.4.8

4.5.0

4.5.1

4.5.2

4.5.3

4.5.4

4.5.5

4.5.6

4.6.0

4.6.1

4.6.1.1

4.6.2

4.6.3

4.7.0

4.7.2

4.7.3

4.7.5

5.*

5.0.0-beta1

5.0.0-beta2

5.0.0-beta3

5.0.0-beta4

5.0.12

5.0.9

5.1.1