CVE Vulnerability

CVE-2022-39325

BaserCMS is a content management system with a japanese language focus. In affected versions there is a cross-site scripting vulnerability on the management system of baserCMS. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users. Users of baserCMS are advised to upgrade as soon as possible. There are no known workarounds for this vulnerability.

6.1 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://github.com/baserproject/basercms/security/advisories/GHSA-395x-wv32-44v5 Third Party Advisory
https://basercms.net/security/JVN_53682526 Vendor Advisory
https://github.com/baserproject/basercms/commit/b6f8a54e90dee51317eddf517b776fe8b4cd3ef6 Patch Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:basercms:basercms:*:*:*:*:*:*:*:*
Information

Published : 2022-11-25 08:15

Updated : 2022-12-01 05:34

NVD link : CVE-2022-39325

Mitre link : CVE-2022-39325

Products Affected
No products.
CWE
CWE-79