{"url":"http://public2.vulnerablecode.io/api/packages/22100?format=json","purl":"pkg:composer/baserproject/basercms@3.0.15","type":"composer","namespace":"baserproject","name":"basercms","version":"3.0.15","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"5.2.3","latest_non_vulnerable_version":"5.2.3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/333942?format=json","vulnerability_id":"VCID-19n8-vups-cyg8","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20683","reference_id":"","reference_type":"","scores":[{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.4242","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20683"},{"reference_url":"https://basercms.net/security/JVN64869876","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/JVN64869876"},{"reference_url":"https://github.com/baserproject/basercms/commit/88ccc61e5656b05dd13204d61de706efaa2cd0b1","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/commit/88ccc61e5656b05dd13204d61de706efaa2cd0b1"},{"reference_url":"https://jvn.jp/en/jp/JVN64869876/index.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jvn.jp/en/jp/JVN64869876/index.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20683","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20683"},{"reference_url":"https://github.com/advisories/GHSA-v9w8-hq92-v39m","reference_id":"GHSA-v9w8-hq92-v39m","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v9w8-hq92-v39m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/383213?format=json","purl":"pkg:composer/baserproject/basercms@4.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.4.5"}],"aliases":["CVE-2021-20683","GHSA-v9w8-hq92-v39m"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-19n8-vups-cyg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74467?format=json","vulnerability_id":"VCID-1nef-kbvb-nqgv","summary":"baserCMS is a website development framework. Prior to version 5.2.3, baserCMS contains an OS command injection vulnerability in the core update functionality. An authenticated administrator can execute arbitrary OS commands on the server due to improper handling of user-controlled input that is directly passed to exec() without sufficient validation or escaping. This issue has been patched in version 5.2.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21861","reference_id":"","reference_type":"","scores":[{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33395","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21861"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-21861","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-21861"},{"reference_url":"https://github.com/baserproject/basercms/releases/tag/5.2.3","reference_id":"5.2.3","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T14:01:36Z/"}],"url":"https://github.com/baserproject/basercms/releases/tag/5.2.3"},{"reference_url":"https://github.com/advisories/GHSA-qxmc-6f24-g86g","reference_id":"GHSA-qxmc-6f24-g86g","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qxmc-6f24-g86g"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-qxmc-6f24-g86g","reference_id":"GHSA-qxmc-6f24-g86g","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T14:01:36Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-qxmc-6f24-g86g"},{"reference_url":"https://basercms.net/security/JVN_20837860","reference_id":"JVN_20837860","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T14:01:36Z/"}],"url":"https://basercms.net/security/JVN_20837860"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/374503?format=json","purl":"pkg:composer/baserproject/basercms@5.2.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3"}],"aliases":["CVE-2026-21861","GHSA-qxmc-6f24-g86g"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1nef-kbvb-nqgv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/129051?format=json","vulnerability_id":"VCID-2c9a-4k3v-1ydj","summary":"baserCMS is a Content Management system. Prior to version 4.7.5, any file may be uploaded on the management system of baserCMS. Version 4.7.5 contains a patch.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25655","reference_id":"","reference_type":"","scores":[{"value":"0.00561","scoring_system":"epss","scoring_elements":"0.68769","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25655"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25655","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25655"},{"reference_url":"https://github.com/baserproject/basercms/commit/922025a98b0e697ab78f6a785a004e0729aa9100","reference_id":"922025a98b0e697ab78f6a785a004e0729aa9100","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:30:57Z/"}],"url":"https://github.com/baserproject/basercms/commit/922025a98b0e697ab78f6a785a004e0729aa9100"},{"reference_url":"https://github.com/baserproject/basercms/commit/9297629983ed908c7f51bf61a0231dde91404ebd","reference_id":"9297629983ed908c7f51bf61a0231dde91404ebd","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:30:57Z/"}],"url":"https://github.com/baserproject/basercms/commit/9297629983ed908c7f51bf61a0231dde91404ebd"},{"reference_url":"https://github.com/baserproject/basercms/releases/tag/basercms-4.7.5","reference_id":"basercms-4.7.5","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:30:57Z/"}],"url":"https://github.com/baserproject/basercms/releases/tag/basercms-4.7.5"},{"reference_url":"https://github.com/advisories/GHSA-mfvg-qwcw-qvc8","reference_id":"GHSA-mfvg-qwcw-qvc8","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mfvg-qwcw-qvc8"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-mfvg-qwcw-qvc8","reference_id":"GHSA-mfvg-qwcw-qvc8","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:30:57Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-mfvg-qwcw-qvc8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/380824?format=json","purl":"pkg:composer/baserproject/basercms@4.7.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3pja-sw64-bfcv"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.7.5"}],"aliases":["CVE-2023-25655","GHSA-mfvg-qwcw-qvc8"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2c9a-4k3v-1ydj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/128826?format=json","vulnerability_id":"VCID-3btn-6dkf-67aq","summary":"baserCMS is a website development framework. Prior to version 4.8.0, there is a cross-site scripting vulnerability in the file upload feature of baserCMS. Version 4.8.0 contains a patch for this issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-43647","reference_id":"","reference_type":"","scores":[{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.69127","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-43647"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-43647","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-43647"},{"reference_url":"https://github.com/baserproject/basercms/commit/eb5977533d05db4f3bb03bd19630b66052799b2e","reference_id":"eb5977533d05db4f3bb03bd19630b66052799b2e","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-06T20:12:52Z/"}],"url":"https://github.com/baserproject/basercms/commit/eb5977533d05db4f3bb03bd19630b66052799b2e"},{"reference_url":"https://github.com/advisories/GHSA-ggj4-78rm-6xgv","reference_id":"GHSA-ggj4-78rm-6xgv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-ggj4-78rm-6xgv"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-ggj4-78rm-6xgv","reference_id":"GHSA-ggj4-78rm-6xgv","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-06T20:12:52Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-ggj4-78rm-6xgv"},{"reference_url":"https://basercms.net/security/JVN_24381990","reference_id":"JVN_24381990","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-06T20:12:52Z/"}],"url":"https://basercms.net/security/JVN_24381990"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379076?format=json","purl":"pkg:composer/baserproject/basercms@4.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/394610?format=json","purl":"pkg:composer/baserproject/basercms@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.0.0"}],"aliases":["CVE-2023-43647","GHSA-ggj4-78rm-6xgv"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3btn-6dkf-67aq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/129106?format=json","vulnerability_id":"VCID-3jx2-hpuj-afaf","summary":"baserCMS is a Content Management system. Prior to version 4.7.5, there is a Remote Code Execution (RCE) Vulnerability in the management system of baserCMS. Version 4.7.5 contains a patch.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25654","reference_id":"","reference_type":"","scores":[{"value":"0.02083","scoring_system":"epss","scoring_elements":"0.84359","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25654"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25654","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25654"},{"reference_url":"https://github.com/baserproject/basercms/commit/002886be0998c74c386e04f0b43688a8a45d7a96","reference_id":"002886be0998c74c386e04f0b43688a8a45d7a96","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:31:00Z/"}],"url":"https://github.com/baserproject/basercms/commit/002886be0998c74c386e04f0b43688a8a45d7a96"},{"reference_url":"https://github.com/baserproject/basercms/commit/08247f0a633d8e836ce2e5cd2d53aa19901a1359","reference_id":"08247f0a633d8e836ce2e5cd2d53aa19901a1359","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:31:00Z/"}],"url":"https://github.com/baserproject/basercms/commit/08247f0a633d8e836ce2e5cd2d53aa19901a1359"},{"reference_url":"https://github.com/baserproject/basercms/commit/60f83054d8131b0ace60716cec7e629b5eb3a8f0","reference_id":"60f83054d8131b0ace60716cec7e629b5eb3a8f0","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:31:00Z/"}],"url":"https://github.com/baserproject/basercms/commit/60f83054d8131b0ace60716cec7e629b5eb3a8f0"},{"reference_url":"https://github.com/baserproject/basercms/releases/tag/basercms-4.7.5","reference_id":"basercms-4.7.5","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:31:00Z/"}],"url":"https://github.com/baserproject/basercms/releases/tag/basercms-4.7.5"},{"reference_url":"https://github.com/advisories/GHSA-h4cc-fxpp-pgw9","reference_id":"GHSA-h4cc-fxpp-pgw9","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h4cc-fxpp-pgw9"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-h4cc-fxpp-pgw9","reference_id":"GHSA-h4cc-fxpp-pgw9","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:31:00Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-h4cc-fxpp-pgw9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/380824?format=json","purl":"pkg:composer/baserproject/basercms@4.7.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3pja-sw64-bfcv"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.7.5"}],"aliases":["CVE-2023-25654","GHSA-h4cc-fxpp-pgw9"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3jx2-hpuj-afaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/128422?format=json","vulnerability_id":"VCID-46uc-rvvt-5ke8","summary":"baserCMS is a website development framework. Prior to version 4.8.0, there is a Directory Traversal Vulnerability in the form submission data management feature of baserCMS. Version 4.8.0 contains a patch for this issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-43648","reference_id":"","reference_type":"","scores":[{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52682","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-43648"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-43648","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-43648"},{"reference_url":"https://github.com/baserproject/basercms/commit/7555a5cf0006755dc0223fffc2d882b50a97758b","reference_id":"7555a5cf0006755dc0223fffc2d882b50a97758b","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:22:00Z/"}],"url":"https://github.com/baserproject/basercms/commit/7555a5cf0006755dc0223fffc2d882b50a97758b"},{"reference_url":"https://github.com/advisories/GHSA-hmqj-gv2m-hq55","reference_id":"GHSA-hmqj-gv2m-hq55","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hmqj-gv2m-hq55"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-hmqj-gv2m-hq55","reference_id":"GHSA-hmqj-gv2m-hq55","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:22:00Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-hmqj-gv2m-hq55"},{"reference_url":"https://basercms.net/security/JVN_81174674","reference_id":"JVN_81174674","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:22:00Z/"}],"url":"https://basercms.net/security/JVN_81174674"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379076?format=json","purl":"pkg:composer/baserproject/basercms@4.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/394610?format=json","purl":"pkg:composer/baserproject/basercms@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.0.0"}],"aliases":["CVE-2023-43648","GHSA-hmqj-gv2m-hq55"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-46uc-rvvt-5ke8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38023?format=json","vulnerability_id":"VCID-686s-gr1n-4qa9","summary":"baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in HTTP 400 Bad Request. Version 5.1.2 fixes this issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-46995","reference_id":"","reference_type":"","scores":[{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75633","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-46995"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46995","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46995"},{"reference_url":"https://github.com/advisories/GHSA-mr7q-fv7j-jcgv","reference_id":"GHSA-mr7q-fv7j-jcgv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mr7q-fv7j-jcgv"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-mr7q-fv7j-jcgv","reference_id":"GHSA-mr7q-fv7j-jcgv","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:23:15Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-mr7q-fv7j-jcgv"},{"reference_url":"https://basercms.net/security/JVN_06274755","reference_id":"JVN_06274755","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:23:15Z/"}],"url":"https://basercms.net/security/JVN_06274755"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371911?format=json","purl":"pkg:composer/baserproject/basercms@5.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-py24-kt42-9kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.1.2"}],"aliases":["CVE-2024-46995","GHSA-mr7q-fv7j-jcgv"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-686s-gr1n-4qa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66348?format=json","vulnerability_id":"VCID-6p1v-g9d1-zfe5","summary":"baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has an OS command injection vulnerability in the installer. This issue has been patched in version 5.2.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-30880","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18231","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-30880"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-30880","reference_id":"","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-30880"},{"reference_url":"https://github.com/baserproject/basercms/releases/tag/5.2.3","reference_id":"5.2.3","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-31T15:27:05Z/"}],"url":"https://github.com/baserproject/basercms/releases/tag/5.2.3"},{"reference_url":"https://github.com/advisories/GHSA-6hpg-8rx3-cwgv","reference_id":"GHSA-6hpg-8rx3-cwgv","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6hpg-8rx3-cwgv"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-6hpg-8rx3-cwgv","reference_id":"GHSA-6hpg-8rx3-cwgv","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-31T15:27:05Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-6hpg-8rx3-cwgv"},{"reference_url":"https://basercms.net/security/JVN_20837860","reference_id":"JVN_20837860","reference_type":"","scores":[{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-31T15:27:05Z/"}],"url":"https://basercms.net/security/JVN_20837860"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/374503?format=json","purl":"pkg:composer/baserproject/basercms@5.2.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3"}],"aliases":["CVE-2026-30880","GHSA-6hpg-8rx3-cwgv"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6p1v-g9d1-zfe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206740?format=json","vulnerability_id":"VCID-6yw8-d6jx-ykcm","summary":"Potential Zip Slip Vulnerability in baserCMS","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41279","reference_id":"","reference_type":"","scores":[{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.6356","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41279"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://github.com/baserproject/basercms/commit/d8ab0a81a7bce35cc95ff7dff851a7e87a084336","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/commit/d8ab0a81a7bce35cc95ff7dff851a7e87a084336"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41279","reference_id":"CVE-2021-41279","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41279"},{"reference_url":"https://github.com/advisories/GHSA-4x2f-54wr-4hjg","reference_id":"GHSA-4x2f-54wr-4hjg","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4x2f-54wr-4hjg"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-4x2f-54wr-4hjg","reference_id":"GHSA-4x2f-54wr-4hjg","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-4x2f-54wr-4hjg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/18160?format=json","purl":"pkg:composer/baserproject/basercms@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.5.4"}],"aliases":["CVE-2021-41279","GHSA-4x2f-54wr-4hjg"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6yw8-d6jx-ykcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/297678?format=json","vulnerability_id":"VCID-7qsb-z8v2-zkhz","summary":"","references":[{"reference_url":"http://jvn.jp/en/jp/JVN67881316/index.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://jvn.jp/en/jp/JVN67881316/index.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0570","reference_id":"","reference_type":"","scores":[{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41322","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0570"},{"reference_url":"https://basercms.net/security/JVN67881316","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/JVN67881316"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0570","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0570"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384688?format=json","purl":"pkg:composer/baserproject/basercms@3.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/384687?format=json","purl":"pkg:composer/baserproject/basercms@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.1.1"}],"aliases":["CVE-2018-0570","GHSA-994g-74gq-5qpr"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7qsb-z8v2-zkhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140745?format=json","vulnerability_id":"VCID-7rv4-k7qe-vyds","summary":"baserCMS is a website development framework with WebAPI that runs on PHP8 and CakePHP4. There is a XSS Vulnerability in Favorites Feature to baserCMS. This issue has been patched in version 4.8.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29009","reference_id":"","reference_type":"","scores":[{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.6842","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29009"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://github.com/baserproject/basercms/commit/919c3ccbbd7a2432967dcb2e428131cc7ad71bb2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/commit/919c3ccbbd7a2432967dcb2e428131cc7ad71bb2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-29009","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-29009"},{"reference_url":"https://github.com/baserproject/basercms/releases/tag/basercms-4.8.0","reference_id":"basercms-4.8.0","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T14:59:04Z/"}],"url":"https://github.com/baserproject/basercms/releases/tag/basercms-4.8.0"},{"reference_url":"https://github.com/advisories/GHSA-8vqx-prq4-rqrq","reference_id":"GHSA-8vqx-prq4-rqrq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8vqx-prq4-rqrq"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-8vqx-prq4-rqrq","reference_id":"GHSA-8vqx-prq4-rqrq","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T14:59:04Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-8vqx-prq4-rqrq"},{"reference_url":"https://basercms.net/security/JVN_45547161","reference_id":"JVN_45547161","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T14:59:04Z/"}],"url":"https://basercms.net/security/JVN_45547161"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379076?format=json","purl":"pkg:composer/baserproject/basercms@4.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/663088?format=json","purl":"pkg:composer/baserproject/basercms@5.0.0-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.0.0-beta1"}],"aliases":["CVE-2023-29009","GHSA-8vqx-prq4-rqrq"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7rv4-k7qe-vyds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/297680?format=json","vulnerability_id":"VCID-9hcb-zk3c-puga","summary":"","references":[{"reference_url":"http://jvn.jp/en/jp/JVN67881316/index.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://jvn.jp/en/jp/JVN67881316/index.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0572","reference_id":"","reference_type":"","scores":[{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41144","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0572"},{"reference_url":"https://basercms.net/security/JVN67881316","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/JVN67881316"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0572","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0572"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384688?format=json","purl":"pkg:composer/baserproject/basercms@3.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/384687?format=json","purl":"pkg:composer/baserproject/basercms@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.1.1"}],"aliases":["CVE-2018-0572","GHSA-mjj9-33j8-pfwh"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9hcb-zk3c-puga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/168241?format=json","vulnerability_id":"VCID-ambd-vx8w-y7b5","summary":"BaserCMS is a content management system with a japanese language focus. In affected versions there is a cross-site scripting vulnerability on the management system of baserCMS. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users. Users of baserCMS are advised to upgrade as soon as possible. There are no known workarounds for this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39325","reference_id":"","reference_type":"","scores":[{"value":"0.00687","scoring_system":"epss","scoring_elements":"0.72214","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39325"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://github.com/baserproject/basercms/releases/tag/basercms-4.7.2","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/releases/tag/basercms-4.7.2"},{"reference_url":"https://github.com/baserproject/basercms/commit/b6f8a54e90dee51317eddf517b776fe8b4cd3ef6","reference_id":"b6f8a54e90dee51317eddf517b776fe8b4cd3ef6","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:00Z/"}],"url":"https://github.com/baserproject/basercms/commit/b6f8a54e90dee51317eddf517b776fe8b4cd3ef6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-39325","reference_id":"CVE-2022-39325","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-39325"},{"reference_url":"https://github.com/advisories/GHSA-395x-wv32-44v5","reference_id":"GHSA-395x-wv32-44v5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-395x-wv32-44v5"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-395x-wv32-44v5","reference_id":"GHSA-395x-wv32-44v5","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:00Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-395x-wv32-44v5"},{"reference_url":"https://basercms.net/security/JVN_53682526","reference_id":"JVN_53682526","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:00Z/"}],"url":"https://basercms.net/security/JVN_53682526"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/28096?format=json","purl":"pkg:composer/baserproject/basercms@4.7.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-3pja-sw64-bfcv"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.7.2"}],"aliases":["CVE-2022-39325","GHSA-395x-wv32-44v5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ambd-vx8w-y7b5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37807?format=json","vulnerability_id":"VCID-c77m-9mgg-c3ht","summary":"baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Blog posts feature. Version 5.1.2 fixes this issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-46996","reference_id":"","reference_type":"","scores":[{"value":"0.01236","scoring_system":"epss","scoring_elements":"0.79626","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-46996"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"},{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46996","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"},{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46996"},{"reference_url":"https://github.com/advisories/GHSA-66jv-qrm3-vvfg","reference_id":"GHSA-66jv-qrm3-vvfg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-66jv-qrm3-vvfg"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-66jv-qrm3-vvfg","reference_id":"GHSA-66jv-qrm3-vvfg","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"},{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:22:34Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-66jv-qrm3-vvfg"},{"reference_url":"https://basercms.net/security/JVN_00876083","reference_id":"JVN_00876083","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"},{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:22:34Z/"}],"url":"https://basercms.net/security/JVN_00876083"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371911?format=json","purl":"pkg:composer/baserproject/basercms@5.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-py24-kt42-9kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.1.2"}],"aliases":["CVE-2024-46996","GHSA-66jv-qrm3-vvfg"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c77m-9mgg-c3ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/131247?format=json","vulnerability_id":"VCID-cknd-kv9u-sfdc","summary":"baserCMS is a website development framework. Prior to version 5.0.9, there is an OS Command Injection vulnerability in the site search feature of baserCMS. Version 5.0.9 contains a fix for this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-51450","reference_id":"","reference_type":"","scores":[{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73698","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-51450"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://github.com/baserproject/basercms/commit/18f426d63e752b4d22c40e9ea8d1f6e692ef601c","reference_id":"18f426d63e752b4d22c40e9ea8d1f6e692ef601c","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:32:12Z/"}],"url":"https://github.com/baserproject/basercms/commit/18f426d63e752b4d22c40e9ea8d1f6e692ef601c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-51450","reference_id":"CVE-2023-51450","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-51450"},{"reference_url":"https://github.com/advisories/GHSA-77fc-4cv5-hmfr","reference_id":"GHSA-77fc-4cv5-hmfr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-77fc-4cv5-hmfr"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-77fc-4cv5-hmfr","reference_id":"GHSA-77fc-4cv5-hmfr","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:32:12Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-77fc-4cv5-hmfr"},{"reference_url":"https://basercms.net/security/JVN_09767360","reference_id":"JVN_09767360","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:32:12Z/"}],"url":"https://basercms.net/security/JVN_09767360"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/29267?format=json","purl":"pkg:composer/baserproject/basercms@5.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.0.9"}],"aliases":["CVE-2023-51450","GHSA-77fc-4cv5-hmfr"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cknd-kv9u-sfdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77539?format=json","vulnerability_id":"VCID-cprt-rzws-tkgh","summary":"baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has DOM-based cross-site scripting in tag creation. This issue has been patched in version 5.2.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32734","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02278","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32734"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32734","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32734"},{"reference_url":"https://github.com/baserproject/basercms/releases/tag/5.2.3","reference_id":"5.2.3","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-31T18:50:30Z/"}],"url":"https://github.com/baserproject/basercms/releases/tag/5.2.3"},{"reference_url":"https://github.com/advisories/GHSA-677c-xv24-crgx","reference_id":"GHSA-677c-xv24-crgx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-677c-xv24-crgx"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-677c-xv24-crgx","reference_id":"GHSA-677c-xv24-crgx","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-31T18:50:30Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-677c-xv24-crgx"},{"reference_url":"https://basercms.net/security/JVN_20837860","reference_id":"JVN_20837860","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-31T18:50:30Z/"}],"url":"https://basercms.net/security/JVN_20837860"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/374503?format=json","purl":"pkg:composer/baserproject/basercms@5.2.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3"}],"aliases":["CVE-2026-32734","GHSA-677c-xv24-crgx"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cprt-rzws-tkgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79932?format=json","vulnerability_id":"VCID-cyb9-u781-tkar","summary":"baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts. This issue has been patched in version 5.2.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27697","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02322","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27697"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27697","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27697"},{"reference_url":"https://github.com/baserproject/basercms/releases/tag/5.2.3","reference_id":"5.2.3","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:27:51Z/"}],"url":"https://github.com/baserproject/basercms/releases/tag/5.2.3"},{"reference_url":"https://github.com/advisories/GHSA-vh89-rjph-2g7p","reference_id":"GHSA-vh89-rjph-2g7p","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vh89-rjph-2g7p"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-vh89-rjph-2g7p","reference_id":"GHSA-vh89-rjph-2g7p","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:27:51Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-vh89-rjph-2g7p"},{"reference_url":"https://basercms.net/security/JVN_20837860","reference_id":"JVN_20837860","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:27:51Z/"}],"url":"https://basercms.net/security/JVN_20837860"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/374503?format=json","purl":"pkg:composer/baserproject/basercms@5.2.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3"}],"aliases":["CVE-2026-27697","GHSA-vh89-rjph-2g7p"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cyb9-u781-tkar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/172634?format=json","vulnerability_id":"VCID-d1m5-npyb-93ba","summary":"Stored cross-site scripting vulnerability in Permission Settings of baserCMS versions prior to 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41994","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34412","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41994"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-41994","reference_id":"CVE-2022-41994","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-41994"},{"reference_url":"https://github.com/advisories/GHSA-vxwf-79ch-f7f7","reference_id":"GHSA-vxwf-79ch-f7f7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vxwf-79ch-f7f7"},{"reference_url":"https://jvn.jp/en/jp/JVN53682526/index.html","reference_id":"index.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:27:38Z/"}],"url":"https://jvn.jp/en/jp/JVN53682526/index.html"},{"reference_url":"https://basercms.net/security/JVN_53682526","reference_id":"JVN_53682526","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:27:38Z/"}],"url":"https://basercms.net/security/JVN_53682526"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/28096?format=json","purl":"pkg:composer/baserproject/basercms@4.7.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-3pja-sw64-bfcv"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.7.2"}],"aliases":["CVE-2022-41994","GHSA-vxwf-79ch-f7f7"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d1m5-npyb-93ba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/333941?format=json","vulnerability_id":"VCID-dfqh-8ekp-wbdz","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20682","reference_id":"","reference_type":"","scores":[{"value":"0.02357","scoring_system":"epss","scoring_elements":"0.85264","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20682"},{"reference_url":"https://basercms.net/security/JVN64869876","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/JVN64869876"},{"reference_url":"https://jvn.jp/en/jp/JVN64869876/index.html","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jvn.jp/en/jp/JVN64869876/index.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20682","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20682"},{"reference_url":"https://github.com/advisories/GHSA-g39q-f4rm-85x4","reference_id":"GHSA-g39q-f4rm-85x4","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g39q-f4rm-85x4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/383213?format=json","purl":"pkg:composer/baserproject/basercms@4.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.4.5"}],"aliases":["CVE-2021-20682","GHSA-g39q-f4rm-85x4"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dfqh-8ekp-wbdz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66534?format=json","vulnerability_id":"VCID-e1dn-at7q-t7fj","summary":"baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a cross-site scripting vulnerability in blog posts. This issue has been patched in version 5.2.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-30879","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02278","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-30879"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-30879","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-30879"},{"reference_url":"https://github.com/baserproject/basercms/releases/tag/5.2.3","reference_id":"5.2.3","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:00:24Z/"}],"url":"https://github.com/baserproject/basercms/releases/tag/5.2.3"},{"reference_url":"https://github.com/advisories/GHSA-jmq3-x8q7-j9qm","reference_id":"GHSA-jmq3-x8q7-j9qm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jmq3-x8q7-j9qm"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-jmq3-x8q7-j9qm","reference_id":"GHSA-jmq3-x8q7-j9qm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:00:24Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-jmq3-x8q7-j9qm"},{"reference_url":"https://basercms.net/security/JVN_20837860","reference_id":"JVN_20837860","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:00:24Z/"}],"url":"https://basercms.net/security/JVN_20837860"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/374503?format=json","purl":"pkg:composer/baserproject/basercms@5.2.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3"}],"aliases":["CVE-2026-30879","GHSA-jmq3-x8q7-j9qm"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e1dn-at7q-t7fj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/166545?format=json","vulnerability_id":"VCID-e3g3-wbbd-k7fy","summary":"Stored cross-site scripting vulnerability in User group management of baserCMS versions prior to 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42486","reference_id":"","reference_type":"","scores":[{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34552","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42486"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42486","reference_id":"CVE-2022-42486","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42486"},{"reference_url":"https://github.com/advisories/GHSA-7w2v-35j3-xrm9","reference_id":"GHSA-7w2v-35j3-xrm9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7w2v-35j3-xrm9"},{"reference_url":"https://jvn.jp/en/jp/JVN53682526/index.html","reference_id":"index.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T16:01:40Z/"}],"url":"https://jvn.jp/en/jp/JVN53682526/index.html"},{"reference_url":"https://basercms.net/security/JVN_53682526","reference_id":"JVN_53682526","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T16:01:40Z/"}],"url":"https://basercms.net/security/JVN_53682526"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/28096?format=json","purl":"pkg:composer/baserproject/basercms@4.7.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-3pja-sw64-bfcv"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.7.2"}],"aliases":["CVE-2022-42486","GHSA-7w2v-35j3-xrm9"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e3g3-wbbd-k7fy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/128729?format=json","vulnerability_id":"VCID-e7n8-hhe7-5qhp","summary":"baserCMS is a website development framework. Prior to version 4.8.0, there is a cross site request forgery vulnerability in the content preview feature of baserCMS. Version 4.8.0 contains a patch for this issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-43649","reference_id":"","reference_type":"","scores":[{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30205","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-43649"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-43649","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-43649"},{"reference_url":"https://github.com/baserproject/basercms/commit/874c55433fead93e0be9df96fd28740f8047c8b6","reference_id":"874c55433fead93e0be9df96fd28740f8047c8b6","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:21:18Z/"}],"url":"https://github.com/baserproject/basercms/commit/874c55433fead93e0be9df96fd28740f8047c8b6"},{"reference_url":"https://github.com/advisories/GHSA-fw9x-cqjq-7jx5","reference_id":"GHSA-fw9x-cqjq-7jx5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fw9x-cqjq-7jx5"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-fw9x-cqjq-7jx5","reference_id":"GHSA-fw9x-cqjq-7jx5","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:21:18Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-fw9x-cqjq-7jx5"},{"reference_url":"https://basercms.net/security/JVN_99052047","reference_id":"JVN_99052047","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:21:18Z/"}],"url":"https://basercms.net/security/JVN_99052047"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379076?format=json","purl":"pkg:composer/baserproject/basercms@4.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/394610?format=json","purl":"pkg:composer/baserproject/basercms@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.0.0"}],"aliases":["CVE-2023-43649","GHSA-fw9x-cqjq-7jx5"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e7n8-hhe7-5qhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66336?format=json","vulnerability_id":"VCID-f1qc-b1uy-uycf","summary":"baserCMS is a website development framework. Prior to version 5.2.3, there is an OS command injection vulnerability in the update functionality. Due to this issue, an authenticated user with administrator privileges in baserCMS can execute arbitrary OS commands on the server with the privileges of the user account running baserCMS. This issue has been patched in version 5.2.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-30877","reference_id":"","reference_type":"","scores":[{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20668","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-30877"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-30877","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-30877"},{"reference_url":"https://github.com/baserproject/basercms/releases/tag/5.2.3","reference_id":"5.2.3","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T14:43:30Z/"}],"url":"https://github.com/baserproject/basercms/releases/tag/5.2.3"},{"reference_url":"https://github.com/advisories/GHSA-m9g7-rgfc-jcm7","reference_id":"GHSA-m9g7-rgfc-jcm7","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m9g7-rgfc-jcm7"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-m9g7-rgfc-jcm7","reference_id":"GHSA-m9g7-rgfc-jcm7","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T14:43:30Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-m9g7-rgfc-jcm7"},{"reference_url":"https://basercms.net/security/JVN_20837860","reference_id":"JVN_20837860","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T14:43:30Z/"}],"url":"https://basercms.net/security/JVN_20837860"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/374503?format=json","purl":"pkg:composer/baserproject/basercms@5.2.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3"}],"aliases":["CVE-2026-30877","GHSA-m9g7-rgfc-jcm7"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f1qc-b1uy-uycf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/302998?format=json","vulnerability_id":"VCID-fw67-k8ej-57bf","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18943","reference_id":"","reference_type":"","scores":[{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.54157","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18943"},{"reference_url":"https://basercms.net/release/4_1_4","reference_id":"","reference_type":"","scores":[],"url":"https://basercms.net/release/4_1_4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-18943","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-18943"},{"reference_url":"https://web.archive.org/web/20200130073341/https://basercms.net/release/4_1_4","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200130073341/https://basercms.net/release/4_1_4"},{"reference_url":"https://web.archive.org/web/20211209034642/http://sunu11.com/2018/10/31/baserCMS","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20211209034642/http://sunu11.com/2018/10/31/baserCMS"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/21691?format=json","purl":"pkg:composer/baserproject/basercms@4.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.1.4"}],"aliases":["CVE-2018-18943","GHSA-fx2m-5m9v-jhgp"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fw67-k8ej-57bf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/297681?format=json","vulnerability_id":"VCID-hmdp-y273-wqan","summary":"","references":[{"reference_url":"http://jvn.jp/en/jp/JVN67881316/index.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://jvn.jp/en/jp/JVN67881316/index.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0573","reference_id":"","reference_type":"","scores":[{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38577","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0573"},{"reference_url":"https://basercms.net/security/JVN67881316","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/JVN67881316"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0573","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0573"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384688?format=json","purl":"pkg:composer/baserproject/basercms@3.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/384687?format=json","purl":"pkg:composer/baserproject/basercms@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.1.1"}],"aliases":["CVE-2018-0573","GHSA-33fq-qm4m-cjw3"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hmdp-y273-wqan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/297677?format=json","vulnerability_id":"VCID-kmfp-ar4u-5bdm","summary":"","references":[{"reference_url":"http://jvn.jp/en/jp/JVN67881316/index.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://jvn.jp/en/jp/JVN67881316/index.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0569","reference_id":"","reference_type":"","scores":[{"value":"0.01","scoring_system":"epss","scoring_elements":"0.77421","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0569"},{"reference_url":"https://basercms.net/security/JVN67881316","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/JVN67881316"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0569","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0569"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384688?format=json","purl":"pkg:composer/baserproject/basercms@3.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/384687?format=json","purl":"pkg:composer/baserproject/basercms@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.1.1"}],"aliases":["CVE-2018-0569","GHSA-6j3p-vrph-j7qq"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kmfp-ar4u-5bdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/333940?format=json","vulnerability_id":"VCID-m3jy-vamm-7qgq","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20681","reference_id":"","reference_type":"","scores":[{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.4242","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20681"},{"reference_url":"https://basercms.net/security/JVN64869876","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/JVN64869876"},{"reference_url":"https://jvn.jp/en/jp/JVN64869876/index.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jvn.jp/en/jp/JVN64869876/index.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20681","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20681"},{"reference_url":"https://github.com/advisories/GHSA-24p5-x9f9-vvpx","reference_id":"GHSA-24p5-x9f9-vvpx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-24p5-x9f9-vvpx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/383213?format=json","purl":"pkg:composer/baserproject/basercms@4.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.4.5"}],"aliases":["CVE-2021-20681","GHSA-24p5-x9f9-vvpx"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m3jy-vamm-7qgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/114570?format=json","vulnerability_id":"VCID-mkbe-t5bg-a3fz","summary":"baserCMS is a website development framework. Prior to version 5.2.3, the application's restore function allows users to upload a .zip file, which is then automatically extracted. A PHP file inside the archive is included using require_once without validating or restricting the filename. An attacker can craft a malicious PHP file within the zip and achieve arbitrary code execution when it is included. This issue has been patched in version 5.2.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32957","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09994","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32957"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32957","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32957"},{"reference_url":"https://github.com/baserproject/basercms/releases/tag/5.2.3","reference_id":"5.2.3","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T18:39:21Z/"}],"url":"https://github.com/baserproject/basercms/releases/tag/5.2.3"},{"reference_url":"https://github.com/advisories/GHSA-hv78-cwp4-8r7r","reference_id":"GHSA-hv78-cwp4-8r7r","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hv78-cwp4-8r7r"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-hv78-cwp4-8r7r","reference_id":"GHSA-hv78-cwp4-8r7r","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T18:39:21Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-hv78-cwp4-8r7r"},{"reference_url":"https://basercms.net/security/JVN_20837860","reference_id":"JVN_20837860","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T18:39:21Z/"}],"url":"https://basercms.net/security/JVN_20837860"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/374503?format=json","purl":"pkg:composer/baserproject/basercms@5.2.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3"}],"aliases":["CVE-2025-32957","GHSA-hv78-cwp4-8r7r"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mkbe-t5bg-a3fz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66347?format=json","vulnerability_id":"VCID-mnc6-6egy-jbhn","summary":"baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables spam or abuse via the API. This issue has been patched in version 5.2.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-30878","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05923","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-30878"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-30878","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-30878"},{"reference_url":"https://github.com/baserproject/basercms/releases/tag/5.2.3","reference_id":"5.2.3","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T18:39:51Z/"}],"url":"https://github.com/baserproject/basercms/releases/tag/5.2.3"},{"reference_url":"https://github.com/advisories/GHSA-8cr7-r8qw-gp3c","reference_id":"GHSA-8cr7-r8qw-gp3c","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8cr7-r8qw-gp3c"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-8cr7-r8qw-gp3c","reference_id":"GHSA-8cr7-r8qw-gp3c","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T18:39:51Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-8cr7-r8qw-gp3c"},{"reference_url":"https://basercms.net/security/JVN_20837860","reference_id":"JVN_20837860","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T18:39:51Z/"}],"url":"https://basercms.net/security/JVN_20837860"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/374503?format=json","purl":"pkg:composer/baserproject/basercms@5.2.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3"}],"aliases":["CVE-2026-30878","GHSA-8cr7-r8qw-gp3c"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mnc6-6egy-jbhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37902?format=json","vulnerability_id":"VCID-pfj6-r4pn-wfhf","summary":"baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Edit Email Form Settings Feature. Version 5.1.2 fixes the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-46998","reference_id":"","reference_type":"","scores":[{"value":"0.01064","scoring_system":"epss","scoring_elements":"0.78094","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-46998"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46998","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46998"},{"reference_url":"https://github.com/advisories/GHSA-p3m2-mj3j-j49x","reference_id":"GHSA-p3m2-mj3j-j49x","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-p3m2-mj3j-j49x"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-p3m2-mj3j-j49x","reference_id":"GHSA-p3m2-mj3j-j49x","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T20:01:19Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-p3m2-mj3j-j49x"},{"reference_url":"https://basercms.net/security/JVN_98693329","reference_id":"JVN_98693329","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T20:01:19Z/"}],"url":"https://basercms.net/security/JVN_98693329"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371911?format=json","purl":"pkg:composer/baserproject/basercms@5.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-py24-kt42-9kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.1.2"}],"aliases":["CVE-2024-46998","GHSA-p3m2-mj3j-j49x"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pfj6-r4pn-wfhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66458?format=json","vulnerability_id":"VCID-py24-kt42-9kdy","summary":"baserCMS is a website development framework. Prior to version 5.2.3, a path traversal vulnerability exists in the theme file management API (/baser/api/admin/bc-theme-file/theme_files/add.json) that allows arbitrary file write. An authenticated administrator can include ../ sequences in the path parameter to create a PHP file in an arbitrary directory outside the theme directory, which may result in remote code execution (RCE). This issue has been patched in version 5.2.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-30940","reference_id":"","reference_type":"","scores":[{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35518","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-30940"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-30940","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-30940"},{"reference_url":"https://github.com/baserproject/basercms/releases/tag/5.2.3","reference_id":"5.2.3","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T14:46:24Z/"}],"url":"https://github.com/baserproject/basercms/releases/tag/5.2.3"},{"reference_url":"https://github.com/advisories/GHSA-c5c6-37vq-pjcq","reference_id":"GHSA-c5c6-37vq-pjcq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c5c6-37vq-pjcq"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-c5c6-37vq-pjcq","reference_id":"GHSA-c5c6-37vq-pjcq","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T14:46:24Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-c5c6-37vq-pjcq"},{"reference_url":"https://basercms.net/security/JVN_20837860","reference_id":"JVN_20837860","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T14:46:24Z/"}],"url":"https://basercms.net/security/JVN_20837860"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/374503?format=json","purl":"pkg:composer/baserproject/basercms@5.2.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3"}],"aliases":["CVE-2026-30940","GHSA-c5c6-37vq-pjcq"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-py24-kt42-9kdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/205197?format=json","vulnerability_id":"VCID-qk6g-muqe-hqfr","summary":"Cross Site Scripting(XSS) Vulnerability in Latest Release 4.3.6 Site basic settings","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15155","reference_id":"","reference_type":"","scores":[{"value":"0.00868","scoring_system":"epss","scoring_elements":"0.75607","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15155"},{"reference_url":"https://basercms.net/security/20200827","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/20200827"},{"reference_url":"https://github.com/baserproject/basercms/commit/94cbfab74c9fd6d04492597a1a684674c3c0e30f","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/commit/94cbfab74c9fd6d04492597a1a684674c3c0e30f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15155","reference_id":"CVE-2020-15155","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15155"},{"reference_url":"https://github.com/advisories/GHSA-4r3m-j6x5-48m3","reference_id":"GHSA-4r3m-j6x5-48m3","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4r3m-j6x5-48m3"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-4r3m-j6x5-48m3","reference_id":"GHSA-4r3m-j6x5-48m3","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-4r3m-j6x5-48m3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/16897?format=json","purl":"pkg:composer/baserproject/basercms@4.3.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.3.7"}],"aliases":["CVE-2020-15155","GHSA-4r3m-j6x5-48m3"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qk6g-muqe-hqfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37805?format=json","vulnerability_id":"VCID-qv2s-xgym-v3bv","summary":"baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-46994","reference_id":"","reference_type":"","scores":[{"value":"0.01179","scoring_system":"epss","scoring_elements":"0.79156","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-46994"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46994","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46994"},{"reference_url":"https://github.com/advisories/GHSA-wrjc-fmfq-w3jr","reference_id":"GHSA-wrjc-fmfq-w3jr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wrjc-fmfq-w3jr"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-wrjc-fmfq-w3jr","reference_id":"GHSA-wrjc-fmfq-w3jr","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:23:44Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-wrjc-fmfq-w3jr"},{"reference_url":"https://basercms.net/security/JVN_00876083","reference_id":"JVN_00876083","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:23:44Z/"}],"url":"https://basercms.net/security/JVN_00876083"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371911?format=json","purl":"pkg:composer/baserproject/basercms@5.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-py24-kt42-9kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.1.2"}],"aliases":["CVE-2024-46994","GHSA-wrjc-fmfq-w3jr"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qv2s-xgym-v3bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/342532?format=json","vulnerability_id":"VCID-ra7y-cb5e-w7ee","summary":"","references":[{"reference_url":"http://jvn.jp/en/jp/JVN14134801/index.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://jvn.jp/en/jp/JVN14134801/index.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-39136","reference_id":"","reference_type":"","scores":[{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.68047","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-39136"},{"reference_url":"https://basercms.net/security/JVN_14134801","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/JVN_14134801"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://github.com/baserproject/basercms/commit/568d4cab5ba1cdee7bbf0133c676d02a98f6d7bc","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/commit/568d4cab5ba1cdee7bbf0133c676d02a98f6d7bc"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-hgjr-632x-qpp3","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-hgjr-632x-qpp3"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-39136","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-39136"},{"reference_url":"https://github.com/advisories/GHSA-hgjr-632x-qpp3","reference_id":"GHSA-hgjr-632x-qpp3","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hgjr-632x-qpp3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/382859?format=json","purl":"pkg:composer/baserproject/basercms@4.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.5.1"}],"aliases":["CVE-2021-39136","GHSA-hgjr-632x-qpp3"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ra7y-cb5e-w7ee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/297683?format=json","vulnerability_id":"VCID-rzcn-4yzc-g3dy","summary":"","references":[{"reference_url":"http://jvn.jp/en/jp/JVN67881316/index.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://jvn.jp/en/jp/JVN67881316/index.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0575","reference_id":"","reference_type":"","scores":[{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37911","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0575"},{"reference_url":"https://basercms.net/security/JVN67881316","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/JVN67881316"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0575","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0575"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384688?format=json","purl":"pkg:composer/baserproject/basercms@3.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/384687?format=json","purl":"pkg:composer/baserproject/basercms@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.1.1"}],"aliases":["CVE-2018-0575","GHSA-w935-p7mg-xc96"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rzcn-4yzc-g3dy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/297679?format=json","vulnerability_id":"VCID-tjck-1ajy-ubb1","summary":"","references":[{"reference_url":"http://jvn.jp/en/jp/JVN67881316/index.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://jvn.jp/en/jp/JVN67881316/index.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0571","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37604","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0571"},{"reference_url":"https://basercms.net/security/JVN67881316","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/JVN67881316"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0571","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0571"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384688?format=json","purl":"pkg:composer/baserproject/basercms@3.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/384687?format=json","purl":"pkg:composer/baserproject/basercms@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.1.1"}],"aliases":["CVE-2018-0571","GHSA-3mcp-6rv6-c69g"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tjck-1ajy-ubb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206742?format=json","vulnerability_id":"VCID-tjg8-cmv3-43d8","summary":"OS Command Injection Vulnerability and Potential Zip Slip Vulnerability in baserCMS","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41243","reference_id":"","reference_type":"","scores":[{"value":"0.02799","scoring_system":"epss","scoring_elements":"0.86429","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41243"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://github.com/baserproject/basercms/commit/9088b99c329d1faff3a2f1269f37b9a9d8d5f6ff","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/commit/9088b99c329d1faff3a2f1269f37b9a9d8d5f6ff"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41243","reference_id":"CVE-2021-41243","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41243"},{"reference_url":"https://github.com/advisories/GHSA-7rpc-9m88-cf9w","reference_id":"GHSA-7rpc-9m88-cf9w","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7rpc-9m88-cf9w"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-7rpc-9m88-cf9w","reference_id":"GHSA-7rpc-9m88-cf9w","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-7rpc-9m88-cf9w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/18160?format=json","purl":"pkg:composer/baserproject/basercms@4.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.5.4"}],"aliases":["CVE-2021-41243","GHSA-7rpc-9m88-cf9w"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tjg8-cmv3-43d8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/205199?format=json","vulnerability_id":"VCID-upvv-xbqd-9bcz","summary":"Cross Site Scripting and RCE in baserCMS","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15159","reference_id":"","reference_type":"","scores":[{"value":"0.01563","scoring_system":"epss","scoring_elements":"0.81905","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15159"},{"reference_url":"https://basercms.net/security/20200827","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/20200827"},{"reference_url":"https://github.com/baserproject/basercms/commit/16a7b3cd09a0ca355474119c76897eac2034a66d","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/commit/16a7b3cd09a0ca355474119c76897eac2034a66d"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15159","reference_id":"CVE-2020-15159","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15159"},{"reference_url":"https://github.com/advisories/GHSA-673x-f5wx-fxpw","reference_id":"GHSA-673x-f5wx-fxpw","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-673x-f5wx-fxpw"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-673x-f5wx-fxpw","reference_id":"GHSA-673x-f5wx-fxpw","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-673x-f5wx-fxpw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/16897?format=json","purl":"pkg:composer/baserproject/basercms@4.3.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.3.7"}],"aliases":["CVE-2020-15159","GHSA-673x-f5wx-fxpw"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-upvv-xbqd-9bcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/205196?format=json","vulnerability_id":"VCID-vmf1-uj3x-5yg4","summary":"Cross Site Scripting in baserCMS","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15154","reference_id":"","reference_type":"","scores":[{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.74204","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15154"},{"reference_url":"https://basercms.net/security/20200827","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/20200827"},{"reference_url":"https://github.com/baserproject/basercms/commit/7f4b905b90954e394ec10dd35bad2a5dec505371","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/commit/7f4b905b90954e394ec10dd35bad2a5dec505371"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15154","reference_id":"CVE-2020-15154","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15154"},{"reference_url":"https://github.com/advisories/GHSA-cpxc-67rc-c775","reference_id":"GHSA-cpxc-67rc-c775","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cpxc-67rc-c775"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-cpxc-67rc-c775","reference_id":"GHSA-cpxc-67rc-c775","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-cpxc-67rc-c775"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/16897?format=json","purl":"pkg:composer/baserproject/basercms@4.3.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.3.7"}],"aliases":["CVE-2020-15154","GHSA-cpxc-67rc-c775"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vmf1-uj3x-5yg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/209797?format=json","vulnerability_id":"VCID-vncw-7kq5-rkfj","summary":"RCE in baserCMS before 4.1.4","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18942","reference_id":"","reference_type":"","scores":[{"value":"0.00928","scoring_system":"epss","scoring_elements":"0.76535","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18942"},{"reference_url":"https://basercms.net/release/4_1_4","reference_id":"","reference_type":"","scores":[],"url":"https://basercms.net/release/4_1_4"},{"reference_url":"https://github.com/baserproject/basercms/issues/959","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms/issues/959"},{"reference_url":"https://web.archive.org/web/20200130073341/https://basercms.net/release/4_1_4","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200130073341/https://basercms.net/release/4_1_4"},{"reference_url":"https://web.archive.org/web/20211209034642/http://sunu11.com/2018/10/31/baserCMS","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20211209034642/http://sunu11.com/2018/10/31/baserCMS"},{"reference_url":"https://web.archive.org/web/20211209034642/http://sunu11.com/2018/10/31/baserCMS/","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20211209034642/http://sunu11.com/2018/10/31/baserCMS/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-18942","reference_id":"CVE-2018-18942","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-18942"},{"reference_url":"https://github.com/advisories/GHSA-rjc2-x53r-6c9r","reference_id":"GHSA-rjc2-x53r-6c9r","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rjc2-x53r-6c9r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/21691?format=json","purl":"pkg:composer/baserproject/basercms@4.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.1.4"}],"aliases":["CVE-2018-18942","GHSA-rjc2-x53r-6c9r"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vncw-7kq5-rkfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/297682?format=json","vulnerability_id":"VCID-wg9h-rupq-xbea","summary":"","references":[{"reference_url":"http://jvn.jp/en/jp/JVN67881316/index.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://jvn.jp/en/jp/JVN67881316/index.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0574","reference_id":"","reference_type":"","scores":[{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49708","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0574"},{"reference_url":"https://basercms.net/security/JVN67881316","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/JVN67881316"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0574","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0574"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384688?format=json","purl":"pkg:composer/baserproject/basercms@3.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/384687?format=json","purl":"pkg:composer/baserproject/basercms@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.1.1"}],"aliases":["CVE-2018-0574","GHSA-6qjv-43mf-rgrh"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wg9h-rupq-xbea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41413?format=json","vulnerability_id":"VCID-wgd1-9jtr-vfgj","summary":"baserCMS is a website development framework. Prior to version 5.0.9, there is a cross-site scripting vulnerability in the content management feature. Version 5.0.9 contains a fix for this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-26128","reference_id":"","reference_type":"","scores":[{"value":"0.02281","scoring_system":"epss","scoring_elements":"0.8504","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-26128"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://github.com/baserproject/basercms/commit/18f426d63e752b4d22c40e9ea8d1f6e692ef601c","reference_id":"18f426d63e752b4d22c40e9ea8d1f6e692ef601c","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-12T15:20:28Z/"}],"url":"https://github.com/baserproject/basercms/commit/18f426d63e752b4d22c40e9ea8d1f6e692ef601c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26128","reference_id":"CVE-2024-26128","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26128"},{"reference_url":"https://github.com/advisories/GHSA-jjxq-m8h3-4vw5","reference_id":"GHSA-jjxq-m8h3-4vw5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jjxq-m8h3-4vw5"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-jjxq-m8h3-4vw5","reference_id":"GHSA-jjxq-m8h3-4vw5","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-12T15:20:28Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-jjxq-m8h3-4vw5"},{"reference_url":"https://basercms.net/security/JVN_73283159","reference_id":"JVN_73283159","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-12T15:20:28Z/"}],"url":"https://basercms.net/security/JVN_73283159"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/29267?format=json","purl":"pkg:composer/baserproject/basercms@5.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.0.9"}],"aliases":["CVE-2024-26128","GHSA-jjxq-m8h3-4vw5"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wgd1-9jtr-vfgj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/131635?format=json","vulnerability_id":"VCID-ygym-64en-vbav","summary":"baserCMS is a website development framework. Prior to version 5.0.9, there is a cross-site scripting vulnerability in the site search feature. Version 5.0.9 contains a fix for this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44379","reference_id":"","reference_type":"","scores":[{"value":"0.00622","scoring_system":"epss","scoring_elements":"0.70612","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44379"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://github.com/baserproject/basercms/commit/18549396e5a9b8294306a54a876af164b0b57da4","reference_id":"18549396e5a9b8294306a54a876af164b0b57da4","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:39:22Z/"}],"url":"https://github.com/baserproject/basercms/commit/18549396e5a9b8294306a54a876af164b0b57da4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-44379","reference_id":"CVE-2023-44379","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-44379"},{"reference_url":"https://github.com/advisories/GHSA-66c2-p8rh-qx87","reference_id":"GHSA-66c2-p8rh-qx87","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-66c2-p8rh-qx87"},{"reference_url":"https://github.com/baserproject/basercms/security/advisories/GHSA-66c2-p8rh-qx87","reference_id":"GHSA-66c2-p8rh-qx87","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:39:22Z/"}],"url":"https://github.com/baserproject/basercms/security/advisories/GHSA-66c2-p8rh-qx87"},{"reference_url":"https://basercms.net/security/JVN_73283159","reference_id":"JVN_73283159","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:39:22Z/"}],"url":"https://basercms.net/security/JVN_73283159"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/29267?format=json","purl":"pkg:composer/baserproject/basercms@5.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qv2s-xgym-v3bv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.0.9"}],"aliases":["CVE-2023-44379","GHSA-66c2-p8rh-qx87"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ygym-64en-vbav"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/289211?format=json","vulnerability_id":"VCID-h5y8-xqq9-zbdk","summary":"","references":[{"reference_url":"http://jvn.jp/en/jp/JVN78151490/index.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://jvn.jp/en/jp/JVN78151490/index.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-10844","reference_id":"","reference_type":"","scores":[{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68992","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-10844"},{"reference_url":"https://basercms.net/security/JVN78151490","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/JVN78151490"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-10844","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-10844"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22100?format=json","purl":"pkg:composer/baserproject/basercms@3.0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7qsb-z8v2-zkhz"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-9hcb-zk3c-puga"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-hmdp-y273-wqan"},{"vulnerability":"VCID-kmfp-ar4u-5bdm"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-rzcn-4yzc-g3dy"},{"vulnerability":"VCID-tjck-1ajy-ubb1"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wg9h-rupq-xbea"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/416652?format=json","purl":"pkg:composer/baserproject/basercms@4.0.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7qsb-z8v2-zkhz"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-9hcb-zk3c-puga"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-hmdp-y273-wqan"},{"vulnerability":"VCID-kmfp-ar4u-5bdm"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-rzcn-4yzc-g3dy"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjck-1ajy-ubb1"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wg9h-rupq-xbea"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.0.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/22102?format=json","purl":"pkg:composer/baserproject/basercms@4.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7qsb-z8v2-zkhz"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-9hcb-zk3c-puga"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-hmdp-y273-wqan"},{"vulnerability":"VCID-kmfp-ar4u-5bdm"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-rzcn-4yzc-g3dy"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjck-1ajy-ubb1"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wg9h-rupq-xbea"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.0.6"}],"aliases":["CVE-2017-10844","GHSA-69gw-v5ph-6vxq"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h5y8-xqq9-zbdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210120?format=json","vulnerability_id":"VCID-her4-2hxs-bbbw","summary":"Arbitrary file delete in baserCMS","references":[{"reference_url":"http://jvn.jp/en/jp/JVN78151490/index.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://jvn.jp/en/jp/JVN78151490/index.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-10843","reference_id":"","reference_type":"","scores":[{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.69079","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-10843"},{"reference_url":"https://basercms.net/security/JVN78151490","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/JVN78151490"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-10843","reference_id":"CVE-2017-10843","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-10843"},{"reference_url":"https://github.com/advisories/GHSA-x73x-7gmx-w835","reference_id":"GHSA-x73x-7gmx-w835","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x73x-7gmx-w835"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22100?format=json","purl":"pkg:composer/baserproject/basercms@3.0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7qsb-z8v2-zkhz"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-9hcb-zk3c-puga"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-hmdp-y273-wqan"},{"vulnerability":"VCID-kmfp-ar4u-5bdm"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-rzcn-4yzc-g3dy"},{"vulnerability":"VCID-tjck-1ajy-ubb1"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wg9h-rupq-xbea"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/416652?format=json","purl":"pkg:composer/baserproject/basercms@4.0.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7qsb-z8v2-zkhz"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-9hcb-zk3c-puga"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-hmdp-y273-wqan"},{"vulnerability":"VCID-kmfp-ar4u-5bdm"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-rzcn-4yzc-g3dy"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjck-1ajy-ubb1"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wg9h-rupq-xbea"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.0.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/22102?format=json","purl":"pkg:composer/baserproject/basercms@4.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7qsb-z8v2-zkhz"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-9hcb-zk3c-puga"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-hmdp-y273-wqan"},{"vulnerability":"VCID-kmfp-ar4u-5bdm"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-rzcn-4yzc-g3dy"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjck-1ajy-ubb1"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wg9h-rupq-xbea"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.0.6"}],"aliases":["CVE-2017-10843","GHSA-x73x-7gmx-w835"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-her4-2hxs-bbbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/289210?format=json","vulnerability_id":"VCID-t8zy-hpr1-1ycy","summary":"","references":[{"reference_url":"http://jvn.jp/en/jp/JVN78151490/index.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://jvn.jp/en/jp/JVN78151490/index.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-10842","reference_id":"","reference_type":"","scores":[{"value":"0.0067","scoring_system":"epss","scoring_elements":"0.71827","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-10842"},{"reference_url":"https://basercms.net/security/JVN78151490","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://basercms.net/security/JVN78151490"},{"reference_url":"https://github.com/baserproject/basercms","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/baserproject/basercms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-10842","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-10842"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22100?format=json","purl":"pkg:composer/baserproject/basercms@3.0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7qsb-z8v2-zkhz"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-9hcb-zk3c-puga"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-hmdp-y273-wqan"},{"vulnerability":"VCID-kmfp-ar4u-5bdm"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-rzcn-4yzc-g3dy"},{"vulnerability":"VCID-tjck-1ajy-ubb1"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wg9h-rupq-xbea"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/416652?format=json","purl":"pkg:composer/baserproject/basercms@4.0.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7qsb-z8v2-zkhz"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-9hcb-zk3c-puga"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-hmdp-y273-wqan"},{"vulnerability":"VCID-kmfp-ar4u-5bdm"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-rzcn-4yzc-g3dy"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjck-1ajy-ubb1"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wg9h-rupq-xbea"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.0.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/22102?format=json","purl":"pkg:composer/baserproject/basercms@4.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19n8-vups-cyg8"},{"vulnerability":"VCID-1nef-kbvb-nqgv"},{"vulnerability":"VCID-2c9a-4k3v-1ydj"},{"vulnerability":"VCID-3btn-6dkf-67aq"},{"vulnerability":"VCID-3jx2-hpuj-afaf"},{"vulnerability":"VCID-46uc-rvvt-5ke8"},{"vulnerability":"VCID-686s-gr1n-4qa9"},{"vulnerability":"VCID-6p1v-g9d1-zfe5"},{"vulnerability":"VCID-6yw8-d6jx-ykcm"},{"vulnerability":"VCID-7qsb-z8v2-zkhz"},{"vulnerability":"VCID-7rv4-k7qe-vyds"},{"vulnerability":"VCID-9hcb-zk3c-puga"},{"vulnerability":"VCID-ambd-vx8w-y7b5"},{"vulnerability":"VCID-c77m-9mgg-c3ht"},{"vulnerability":"VCID-cknd-kv9u-sfdc"},{"vulnerability":"VCID-cprt-rzws-tkgh"},{"vulnerability":"VCID-cyb9-u781-tkar"},{"vulnerability":"VCID-d1m5-npyb-93ba"},{"vulnerability":"VCID-dfqh-8ekp-wbdz"},{"vulnerability":"VCID-e1dn-at7q-t7fj"},{"vulnerability":"VCID-e3g3-wbbd-k7fy"},{"vulnerability":"VCID-e7n8-hhe7-5qhp"},{"vulnerability":"VCID-f1qc-b1uy-uycf"},{"vulnerability":"VCID-fw67-k8ej-57bf"},{"vulnerability":"VCID-gfx3-at47-u7aq"},{"vulnerability":"VCID-hmdp-y273-wqan"},{"vulnerability":"VCID-kmfp-ar4u-5bdm"},{"vulnerability":"VCID-m3jy-vamm-7qgq"},{"vulnerability":"VCID-mkbe-t5bg-a3fz"},{"vulnerability":"VCID-mnc6-6egy-jbhn"},{"vulnerability":"VCID-pfj6-r4pn-wfhf"},{"vulnerability":"VCID-py24-kt42-9kdy"},{"vulnerability":"VCID-qk6g-muqe-hqfr"},{"vulnerability":"VCID-qv2s-xgym-v3bv"},{"vulnerability":"VCID-ra7y-cb5e-w7ee"},{"vulnerability":"VCID-rzcn-4yzc-g3dy"},{"vulnerability":"VCID-tf16-deep-v3bs"},{"vulnerability":"VCID-tjck-1ajy-ubb1"},{"vulnerability":"VCID-tjg8-cmv3-43d8"},{"vulnerability":"VCID-upvv-xbqd-9bcz"},{"vulnerability":"VCID-vmf1-uj3x-5yg4"},{"vulnerability":"VCID-vncw-7kq5-rkfj"},{"vulnerability":"VCID-wg9h-rupq-xbea"},{"vulnerability":"VCID-wgd1-9jtr-vfgj"},{"vulnerability":"VCID-ygym-64en-vbav"},{"vulnerability":"VCID-zvaq-2qbe-myhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.0.6"}],"aliases":["CVE-2017-10842","GHSA-jc94-wp59-pq4f"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t8zy-hpr1-1ycy"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.15"}