VYPR
Moderate severityNVD Advisory· Published Oct 24, 2024· Updated Oct 24, 2024

baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts Feature

CVE-2024-46996

Description

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Blog posts feature. Version 5.1.2 fixes this issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

baserCMS prior to 5.1.2 contains a stored XSS in the Blog posts feature via improper slug handling in the article edit screen.

Vulnerability Overview

CVE-2024-46996 is a stored cross-site scripting (XSS) vulnerability in the Blog posts feature of baserCMS, a PHP-based website development framework. The root cause is improper handling of the 'slug' field in the article editing screen, allowing an attacker with administrative access to inject malicious scripts that are stored and later executed in the context of other users [1][2].
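As an added illustration of the vulnerability class described above (not baserCMS code, and not the project's actual fix), the following PHP shows a stored slug value rendered into HTML without encoding beside a hardened version that validates the slug against a strict allowlist on input and encodes it on output. The function names, the sample input and the assumption that the slug appears both in a link target and as visible text are constructed for this example.

```php
<?php
declare(strict_types=1);

// Constructed sample input: a slug as an editor might submit it.
// A genuine slug should only ever contain [a-z0-9-].
$submittedSlug = 'spring-update<script>demo()</script>';

// Vulnerable pattern: the stored value is concatenated straight into HTML,
// so any markup it carries becomes part of the page for every viewer.
function renderSlugVulnerable(string $slug): string
{
    return '<a href="/blog/' . $slug . '">' . $slug . '</a>';
}

// Hardened, step 1: validate on input with a strict allowlist so that a
// slug can never contain markup in the first place. Returns null on reject.
function normalizeSlug(string $raw): ?string
{
    $raw = strtolower(trim($raw));
    return preg_match('/\A[a-z0-9]+(?:-[a-z0-9]+)*\z/', $raw) === 1 ? $raw : null;
}

// Hardened, step 2: encode on output regardless (defence in depth), using
// the encoder that matches each context: URL encoding for the path segment,
// HTML entity encoding for the text node.
function renderSlugHardened(string $slug): string
{
    $safeText = htmlspecialchars($slug, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    $safePath = rawurlencode($slug);
    return '<a href="/blog/' . $safePath . '">' . $safeText . '</a>';
}

// Unsafe rendering: the <script> element survives intact.
echo renderSlugVulnerable($submittedSlug), PHP_EOL;

// Safe path: validation rejects the value before it is ever stored.
$slug = normalizeSlug($submittedSlug);
if ($slug === null) {
    echo 'rejected: slug must match [a-z0-9-]', PHP_EOL;
} else {
    echo renderSlugHardened($slug), PHP_EOL;
}

// Even if validation were bypassed, output encoding neutralises the markup.
echo renderSlugHardened($submittedSlug), PHP_EOL;
```

The two layers are independent on purpose: the allowlist keeps bad data out of the database, and the context-specific encoding protects every template that later prints the field, which is what matters for a stored XSS that persists until the offending record is removed.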

Attack Vector and Prerequisites

Exploitation requires an authenticated user with access to the article editing interface. The attack complexity is low, but the attacker must have sufficient privileges to create or edit blog posts. Since the vulnerability exists in the management screen, it primarily affects sites where the admin interface is accessible to multiple untrusted users [2][3].

Impact

If successfully exploited, an attacker can execute arbitrary JavaScript in the browser of any user viewing the affected blog post. This can lead to session hijacking, defacement, or theft of sensitive data within the context of the application. The stored XSS persists until the malicious input is removed [1][2].

Mitigation

The vulnerability is fixed in baserCMS version 5.1.2. Users running any version earlier than 5.1.2 should update immediately. For baserCMS 4.x, version 4.8.2 (if released) may address similar issues; users are advised to check the vendor advisory. No workaround has been provided; updating is the recommended action [2][3].

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package                  Source      Affected versions   Patched versions
baserproject/basercms    Packagist   < 5.1.2             5.1.2

Affected products: 2

Patches: 0 (no patches discovered yet)

Vulnerability mechanics: AI mechanics synthesis has not run for this CVE yet.

References: 4

News mentions: 0 (no linked articles in our index yet)