CVE-2023-43649

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-43649
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-43649.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-43649
Aliases
Published
2023-10-30T18:29:26.783Z
Modified
2025-11-29T14:42:15.059892Z
Severity
  • 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
baserCMS CSRF vulnerability in Content preview Feature
Details

baserCMS is a website development framework. Prior to version 4.8.0, there is a cross site request forgery vulnerability in the content preview feature of baserCMS. Version 4.8.0 contains a patch for this issue.

Database specific 
{
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/43xxx/CVE-2023-43649.json",
    "cwe_ids": [
        "CWE-352"
    ]
}
References

Affected packages

Git / github.com/baserproject/basercms

Affected ranges

Type
GIT
Repo
https://github.com/baserproject/basercms
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
d9014ad55c048264a0be07c8a95cfebff8ae4b4d

Affected versions

2.*

2.0.0
2.0.0-beta
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5
2.0.5.1
2.1.0
2.1.1
2.1.2

3.*

3.0.0
3.0.1
3.0.10
3.0.11
3.0.11.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.5.1
3.0.6
3.0.6-beta
3.0.6.1
3.0.7
3.0.8
3.0.9

4.*

4.0.0
4.0.0-beta
4.0.1
4.0.10
4.0.10.1
4.0.11
4.0.2
4.0.2.1
4.0.3
4.0.4
4.0.5
4.0.5.1
4.0.5.2
4.0.6
4.0.7
4.0.8
4.0.9
4.1.0
4.1.0.1
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.1.7
4.1.8
4.2.0
4.2.1
4.2.2
4.2.3
4.2.4
4.2.5
4.3.0
4.3.1
4.3.2
4.3.3
4.3.4
4.3.5
4.3.6
4.3.7
4.3.7.1
4.4.0
4.4.1
4.4.1.1
4.4.2
4.4.2.1
4.4.3
4.4.4
4.4.5
4.4.6
4.4.7
4.4.8
4.5.0
4.5.1
4.5.2
4.5.3
4.5.4
4.5.5
4.5.6
4.6.0
4.6.1
4.6.1.1
4.6.2
4.6.3
4.7.0
4.7.2
4.7.3
4.7.5
4.7.6
4.7.7
4.7.8