CVE-2021-20683

Cross-site Scripting in packagist/baserproject/basercms

Identifier

CVE-2021-20683

Package Slug

packagist/baserproject/basercms

Vulnerability

Cross-site Scripting

Description

Improper neutralization of JavaScript input in the blog article editing function of baserCMS allows remote authenticated attackers to inject an arbitrary script via unspecified vectors.

Affected Versions

All versions before 4.4.5

Solution

Upgrade to version 4.4.5 or above.

Last Modified

2021-03-31

source