Medium severity6.1NVD Advisory· Published Oct 27, 2023· Updated Jun 17, 2026
CVE-2023-29009
CVE-2023-29009
Description
baserCMS is a website development framework with WebAPI that runs on PHP8 and CakePHP4. There is a XSS Vulnerability in Favorites Feature to baserCMS. This issue has been patched in version 4.8.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
baserproject/basercmsPackagist | < 4.8.0 | 4.8.0 |
Affected products
2Patches
Vulnerability mechanics
References
6- basercms.net/security/JVN_45547161nvdVendor AdvisoryWEB
- github.com/advisories/GHSA-8vqx-prq4-rqrqghsaADVISORY
- github.com/baserproject/basercms/security/advisories/GHSA-8vqx-prq4-rqrqnvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2023-29009ghsaADVISORY
- github.com/baserproject/basercms/commit/919c3ccbbd7a2432967dcb2e428131cc7ad71bb2ghsaWEB
- github.com/baserproject/basercms/releases/tag/basercms-4.8.0nvdRelease NotesWEB
News mentions
0No linked articles in our index yet.