Headline
GHSA-h4cc-fxpp-pgw9: baserCMS File Uploader Remote Code Execution (RCE) vulnerability
Impact
There is a Remote Code Execution (RCE) Vulnerability on the management system of baserCMS.
Target
baserCMS 4.7.3 and earlier versions
Patches
Update to the latest version of baserCMS
Credits
島峰泰平@三井物産セキュアディレクション株式会社
baserCMS File Uploader Remote Code Execution (RCE) vulnerability
High severity GitHub Reviewed Published Mar 23, 2023 in baserproject/basercms • Updated Mar 23, 2023
Related news
CVE-2023-25654: fix CVE-2023-25654 · baserproject/basercms@60f8305
baserCMS is a Content Management system. Prior to version 4.7.5, there is a Remote Code Execution (RCE) Vulnerability in the management system of baserCMS. Version 4.7.5 contains a patch.