CVE-2023-25654
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-25654
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-25654.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-25654
- Aliases
- Published
- 2023-03-23T20:15:14Z
- Modified
- 2024-10-12T10:45:18.526923Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
baserCMS is a Content Management system. Prior to version 4.7.5, there is a Remote Code Execution (RCE) Vulnerability in the management system of baserCMS. Version 4.7.5 contains a patch.
- References
-
- https://github.com/baserproject/basercms/security/advisories/GHSA-h4cc-fxpp-pgw9
- https://github.com/baserproject/basercms/commit/002886be0998c74c386e04f0b43688a8a45d7a96
- https://github.com/baserproject/basercms/commit/08247f0a633d8e836ce2e5cd2d53aa19901a1359
- https://github.com/baserproject/basercms/commit/60f83054d8131b0ace60716cec7e629b5eb3a8f0
- https://github.com/baserproject/basercms/releases/tag/basercms-4.7.5
Affected packages
Git / github.com/baserproject/basercms
Affected ranges
- Type
- GIT
- Repo
- https://github.com/baserproject/basercms
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixedFixed
Affected versions
2.*
2.0.0
2.0.0-beta
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5
2.0.5.1
2.1.0
2.1.1
2.1.2
3.*
3.0.0
3.0.1
3.0.10
3.0.11
3.0.11.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.5.1
3.0.6
3.0.6-beta
3.0.6.1
3.0.7
3.0.8
3.0.9
4.*
4.0.0
4.0.0-beta
4.0.1
4.0.10
4.0.10.1
4.0.11
4.0.2
4.0.2.1
4.0.3
4.0.4
4.0.5
4.0.5.1
4.0.5.2
4.0.6
4.0.7
4.0.8
4.0.9
4.1.0
4.1.0.1
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.1.7
4.1.8
4.2.0
4.2.1
4.2.2
4.2.3
4.2.4
4.2.5
4.3.0
4.3.1
4.3.2
4.3.3
4.3.4
4.3.5
4.3.6
4.3.7
4.3.7.1
4.4.0
4.4.1
4.4.1.1
4.4.2
4.4.2.1
4.4.3
4.4.4
4.4.5
4.4.6
4.4.7
4.4.8
4.5.0
4.5.1
4.5.2
4.5.3
4.5.4
4.5.5
4.5.6
4.6.0
4.6.1
4.6.1.1
4.6.2
4.6.3
4.7.0
4.7.2
4.7.3