PT-2023-28984 · Basercms · Basercms

Shiga Takuma

Publicado

2023-10-26

Atualizado

2023-11-06

CVE-2023-43792

CVSS v3.1

5.3

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions baserCMS versions 4.6.0 through 4.7.6

Description The issue is related to a Code Injection vulnerability in the mail form of baserCMS, a website development framework. This vulnerability allows malicious code to be executed in the Mail Form Feature.

Recommendations For versions 4.6.0 through 4.7.6, update to the latest version of baserCMS to resolve the issue. As a temporary workaround, consider restricting access to the mail form feature in baserCMS until a patch is available.

Exploit

Correção

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

CVE-2023-43792

GHSA-VRM6-C878-FPQ6

Produtos afetados

Basercms

PT-2023-28984 · Basercms · Basercms

CVE-2023-43792

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8