Moderate severityNVD Advisory· Published Oct 30, 2023· Updated Sep 6, 2024
baserCMS Cross-site Scripting vulnerability in File upload Feature
CVE-2023-43647
Description
baserCMS is a website development framework. Prior to version 4.8.0, there is a cross-site scripting vulnerability in the file upload feature of baserCMS. Version 4.8.0 contains a patch for this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
baserproject/basercmsPackagist | < 4.8.0 | 4.8.0 |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-ggj4-78rm-6xgvghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-43647ghsaADVISORY
- basercms.net/security/JVN_24381990ghsax_refsource_MISCWEB
- github.com/baserproject/basercms/commit/eb5977533d05db4f3bb03bd19630b66052799b2eghsax_refsource_MISCWEB
- github.com/baserproject/basercms/security/advisories/GHSA-ggj4-78rm-6xgvghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.