Moderate severityNVD Advisory· Published Dec 7, 2022· Updated Apr 23, 2025
CVE-2022-42486
CVE-2022-42486
Description
Stored cross-site scripting vulnerability in User group management of baserCMS versions prior to 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
baserproject/basercmsPackagist | < 4.7.2 | 4.7.2 |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- github.com/advisories/GHSA-7w2v-35j3-xrm9ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-42486ghsaADVISORY
- basercms.net/security/JVN_53682526ghsaWEB
- jvn.jp/en/jp/JVN53682526/index.htmlghsaWEB
News mentions
0No linked articles in our index yet.