High severity7.3NVD Advisory· Published Aug 28, 2020· Updated Jun 17, 2026
CVE-2020-15155
CVE-2020-15155
Description
baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) via arbitrary script execution. Admin access is required to exploit this vulnerability. The affected components is toolbar.php. The issue is fixed in version 4.3.7.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
baserproject/basercmsPackagist | >= 4.0.0, < 4.3.7 | 4.3.7 |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/baserproject/basercms/commit/94cbfab74c9fd6d04492597a1a684674c3c0e30fnvdPatchThird Party AdvisoryWEB
- github.com/baserproject/basercms/security/advisories/GHSA-4r3m-j6x5-48m3nvdPatchThird Party AdvisoryWEB
- basercms.net/security/20200827nvdVendor AdvisoryWEB
- github.com/advisories/GHSA-4r3m-j6x5-48m3ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-15155ghsaADVISORY
News mentions
0No linked articles in our index yet.