CVE-2023-43792

baserCMS is a website development framework. In versions 4.6.0 through 4.7.6, there is a Code Injection vulnerability in the mail form of baserCMS. As of time of publication, no known patched versions are available.

Published: Oct 30, 2023
Updated: May 10, 2024
CVE: CVE-2023-43792
GHSA: GHSA-vrm6-c878-fpq6
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
baserproject / basercms	4.6.0	4.7.6.x
basercms / basercms	4.6.0	4.7.6.x

https://basercms.net/security/JVN_45547161
https://github.com/baserproject/basercms/security/advisories/GHSA-vrm6-c878-fpq6

Vulnerability Database

290,206

CVE-2023-43792