← Voltar para CVEs
CVE-2021-39136
HIGH8.7
Descricao
baserCMS is an open source content management system with a focus on Japanese language support. In affected versions there is a cross-site scripting vulnerability in the file upload function of the management system of baserCMS. Users are advised to update as soon as possible. No workaround are available to mitigate this issue.
Detalhes CVE
Pontuacao CVSS v3.18.7
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioREQUIRED
Publicado8/25/2021
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
basercms:basercms
Fraquezas (CWE)
CWE-79
Referencias
http://jvn.jp/en/jp/JVN14134801/index.html(security-advisories@github.com)
https://basercms.net/security/JVN_14134801(security-advisories@github.com)
https://github.com/baserproject/basercms/commit/568d4cab5ba1cdee7bbf0133c676d02a98f6d7bc(security-advisories@github.com)
https://github.com/baserproject/basercms/security/advisories/GHSA-hgjr-632x-qpp3(security-advisories@github.com)
http://jvn.jp/en/jp/JVN14134801/index.html(af854a3a-2127-422b-91ae-364da2661108)
https://basercms.net/security/JVN_14134801(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/baserproject/basercms/commit/568d4cab5ba1cdee7bbf0133c676d02a98f6d7bc(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/baserproject/basercms/security/advisories/GHSA-hgjr-632x-qpp3(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.