PT-2017-8584 · Basercms · Basercms

Masamu Asato

Published

2017-05-12

Updated

2017-05-18

CVE-2016-4887

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions baserCMS plugin Uploader versions 3.0.10 and earlier

Description A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of administrators.

Recommendations For baserCMS plugin Uploader versions 3.0.10 and earlier, update to a version later than 3.0.10 to resolve the issue.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2016-4887

Basercms