Melonattacker

**Name of the Vulnerable Software and Affected Versions** baserCMS versions prior to 5.2.3 **Description** baserCMS is a website development framework. A publicly accessible mail submission API allows unauthenticated users to submit mail form entries, even when the corresponding form is configured to not accept submissions. This circumvents administrative controls designed to prevent form submissions and could enable spam or abuse through the API. The vulnerable API endpoint is a mail submission form. **Recommendations** Update to version 5.2.3 or later.