Home > Vulnerability Database > CVE-2022-39325

Mend.io Vulnerability Database

CVE-2022-39325

Date: November 24, 2022

BaserCMS is a content management system with a japanese language focus. In affected versions there is a cross-site scripting vulnerability on the management system of baserCMS. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users. Users of baserCMS are advised to upgrade as soon as possible. There are no known workarounds for this vulnerability.

Language: PHP

Severity Score

4.6

Related Resources (7)

Url: https://github.com/baserproject/basercms/commit/b6f8a54e90dee51317eddf517b776fe8b4cd3ef6

Url: https://github.com/baserproject/basercms

Url: https://github.com/baserproject/basercms/security/advisories/GHSA-395x-wv32-44v5

Url: https://basercms.net/security/JVN_53682526

Url: https://github.com/baserproject/basercms/releases/tag/basercms-4.7.2

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-39325

Url: https://www.mend.io/vulnerability-database/CVE-2022-39325

Severity Score

4.6

Weakness Type (CWE)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-79

CVSS v3.1

Base Score:	4.6
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2022-39325

Date: November 24, 2022

Language: PHP

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?