CVE-2023-25654

Unrestricted Upload of File with Dangerous Type in packagist/baserproject/basercms

Identifiers

CVE-2023-25654, GHSA-h4cc-fxpp-pgw9

Package Slug

packagist/baserproject/basercms

Vulnerability

Unrestricted Upload of File with Dangerous Type

Description

baserCMS is a Content Management system. Prior to version 4.7.5, there is a Remote Code Execution (RCE) Vulnerability in the management system of baserCMS. Version 4.7.5 contains a patch.

Affected Versions

All versions before 4.7.5

Solution

Upgrade to version 4.7.5 or above.

Last Modified

2023-03-24

source