← Volver a CVEs
CVE-2021-39136
HIGH8.7
Descripcion
baserCMS is an open source content management system with a focus on Japanese language support. In affected versions there is a cross-site scripting vulnerability in the file upload function of the management system of baserCMS. Users are advised to update as soon as possible. No workaround are available to mitigate this issue.
Detalles CVE
Puntuacion CVSS v3.18.7
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioREQUIRED
Publicado8/25/2021
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
basercms:basercms
Debilidades (CWE)
CWE-79
Referencias
http://jvn.jp/en/jp/JVN14134801/index.html(security-advisories@github.com)
https://basercms.net/security/JVN_14134801(security-advisories@github.com)
https://github.com/baserproject/basercms/commit/568d4cab5ba1cdee7bbf0133c676d02a98f6d7bc(security-advisories@github.com)
https://github.com/baserproject/basercms/security/advisories/GHSA-hgjr-632x-qpp3(security-advisories@github.com)
http://jvn.jp/en/jp/JVN14134801/index.html(af854a3a-2127-422b-91ae-364da2661108)
https://basercms.net/security/JVN_14134801(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/baserproject/basercms/commit/568d4cab5ba1cdee7bbf0133c676d02a98f6d7bc(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/baserproject/basercms/security/advisories/GHSA-hgjr-632x-qpp3(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.