baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) via arbitrary script execution. Admin access is required to exploit this vulnerability. The affected components is toolbar.php. The issue is fixed in version 4.3.7.
References
Link | Resource |
---|---|
https://basercms.net/security/20200827 | Vendor Advisory |
https://github.com/baserproject/basercms/commit/94cbfab74c9fd6d04492597a1a684674c3c0e30f | Patch Third Party Advisory |
https://github.com/baserproject/basercms/security/advisories/GHSA-4r3m-j6x5-48m3 | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2020-08-28T21:40:15
Updated: 2020-08-28T21:40:15
Reserved: 2020-06-25T00:00:00
Link: CVE-2020-15155
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-08-28T22:15:10.563
Modified: 2020-09-03T14:22:12.027
Link: CVE-2020-15155
JSON object: View
Redhat Information
No data.
CWE