Medium severity4.8NVD Advisory· Published Nov 5, 2018· Updated Jun 17, 2026
CVE-2018-18943
CVE-2018-18943
Description
An issue was discovered in baserCMS before 4.1.4. In the Register New Category feature of the Upload menu, the category name can be used for XSS via the data[UploaderCategory][name] parameter to an admin/uploader/uploader_categories/edit URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
baserproject/basercmsPackagist | < 4.1.4 | 4.1.4 |
Affected products
1Patches
Vulnerability mechanics
References
6- sunu11.com/2018/10/31/baserCMS/nvdExploitThird Party Advisory
- basercms.net/release/4_1_4nvdRelease NotesVendor Advisory
- github.com/advisories/GHSA-fx2m-5m9v-jhgpghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-18943ghsaADVISORY
- web.archive.org/web/20200130073341/https://basercms.net/release/4_1_4ghsaWEB
- web.archive.org/web/20211209034642/http://sunu11.com/2018/10/31/baserCMSghsaWEB
News mentions
0No linked articles in our index yet.