Improper neutralization of JavaScript input in the blog article editing function of baserCMS versions prior to 4.4.5 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors.
References
Link | Resource |
---|---|
https://basercms.net/security/JVN64869876 | Patch Vendor Advisory |
https://jvn.jp/en/jp/JVN64869876/index.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2021-03-26T08:50:29
Updated: 2021-03-26T08:50:28
Reserved: 2020-12-17T00:00:00
Link: CVE-2021-20683
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-03-26T09:15:12.167
Modified: 2021-03-29T15:43:14.643
Link: CVE-2021-20683
JSON object: View
Redhat Information
No data.
CWE