CVE-2026-32734
- Source
- https://cve.org/CVERecord?id=CVE-2026-32734
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-32734.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-32734
- Aliases
- Published
- 2026-03-31T00:46:43.317Z
- Modified
- 2026-04-10T05:42:26.742177Z
- Severity
-
- 7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L CVSS Calculator
- Summary
- baserCMS: Multiple vulnerabilities in baserCMS
- Details
-
baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has DOM-based cross-site scripting in tag creation. This issue has been patched in version 5.2.3.
- Database specific
{ "cwe_ids": [ "CWE-79" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/32xxx/CVE-2026-32734.json", "cna_assigner": "GitHub_M" }- References
-
- https://basercms.net/security/JVN_20837860
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/32xxx/CVE-2026-32734.json
- https://github.com/baserproject/basercms/releases/tag/5.2.3
- https://github.com/baserproject/basercms/security/advisories/GHSA-677c-xv24-crgx
- https://nvd.nist.gov/vuln/detail/CVE-2026-32734
Affected packages
Git / github.com/baserproject/basercms
Affected versions
2.*
2.0.0
2.0.0-beta
2.0.1
2.0.2
2.0.3
2.1.0
2.1.2
3.*
3.0.0
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.5.1
3.0.6
3.0.6-beta
3.0.7
4.*
4.0.0
4.0.0-beta
4.0.6
4.0.7
4.1.0
4.1.0.1
4.1.1
4.1.2
4.2.2
4.2.4
4.3.0
4.3.3
4.3.5
4.3.6
4.3.7
4.3.7.1
4.4.0
4.4.1.1
4.4.2.1
4.4.3
4.4.4
4.4.6
4.4.8
4.5.0
4.5.1
4.5.2
4.6.0
4.6.1
4.6.1.1
4.6.2
4.7.0
4.7.2
4.7.3
4.7.5
5.*
5.0.0-beta1
5.0.0-beta2
5.0.0-beta3
5.0.0-beta4
5.1.1
5.1.3
5.1.4
5.1.5
5.1.6
5.2.0
5.2.1
5.2.2