CVE-2023-43648

baserCMS is a website development framework. Prior to version 4.8.0, there is a Directory Traversal Vulnerability in the form submission data management feature of baserCMS. Version 4.8.0 contains a patch for this issue.
Configurations

Configuration 1 (hide)

cpe:2.3:a:basercms:basercms:*:*:*:*:*:*:*:*

History

06 Nov 2023, 19:39

Type Values Removed Values Added
References (MISC) https://github.com/baserproject/basercms/security/advisories/GHSA-hmqj-gv2m-hq55 - (MISC) https://github.com/baserproject/basercms/security/advisories/GHSA-hmqj-gv2m-hq55 - Third Party Advisory
References (MISC) https://github.com/baserproject/basercms/commit/7555a5cf0006755dc0223fffc2d882b50a97758b - (MISC) https://github.com/baserproject/basercms/commit/7555a5cf0006755dc0223fffc2d882b50a97758b - Patch, Third Party Advisory
References (MISC) https://basercms.net/security/JVN_81174674 - (MISC) https://basercms.net/security/JVN_81174674 - Vendor Advisory
CPE cpe:2.3:a:basercms:basercms:*:*:*:*:*:*:*:*
First Time Basercms basercms
Basercms
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5

30 Oct 2023, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-30 19:15

Updated : 2024-02-28 20:33


NVD link : CVE-2023-43648

Mitre link : CVE-2023-43648

CVE.ORG link : CVE-2023-43648


JSON object : View

Products Affected

basercms

  • basercms
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')