CVE-2023-51450

Name of the Vulnerable Software and Affected Versions baserCMS versions prior to 5.0.9

Description The issue is related to an OS Command Injection vulnerability in the site search feature of baserCMS. This vulnerability can be exploited by a remote attacker to execute arbitrary commands. The vulnerability exists due to the lack of neutralization of special elements.

Recommendations For versions prior to 5.0.9, update to version 5.0.9 or later to resolve the issue. As a temporary workaround, consider disabling the site search feature until a patch is available. Restrict access to the Installer Feature to minimize the risk of exploitation.