We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-43649

baserCMS CSRF vulnerability in Content preview Feature



AssignerGitHub_M
Reserved2023-09-20
Published2023-10-30
Updated2024-09-05

Description

baserCMS is a website development framework. Prior to version 4.8.0, there is a cross site request forgery vulnerability in the content preview feature of baserCMS. Version 4.8.0 contains a patch for this issue.



MEDIUM: 4.7CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Problem types

CWE-352: Cross-Site Request Forgery (CSRF)

Product status

< 4.8.0
affected

References

https://github.com/baserproject/basercms/security/advisories/GHSA-fw9x-cqjq-7jx5

https://github.com/baserproject/basercms/commit/874c55433fead93e0be9df96fd28740f8047c8b6

https://basercms.net/security/JVN_99052047

cve.org CVE-2023-43649

nvd.nist.gov CVE-2023-43649

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-43649
Subscribe to our newsletter to learn more about our work.