Vulnerabilities > Basercms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-24 | CVE-2024-46994 | Cross-site Scripting vulnerability in Basercms baserCMS is a website development framework. | 5.4 |
| 2024-10-24 | CVE-2024-46995 | Cross-site Scripting vulnerability in Basercms baserCMS is a website development framework. | 6.1 |
| 2024-10-24 | CVE-2024-46996 | Cross-site Scripting vulnerability in Basercms baserCMS is a website development framework. | 5.4 |
| 2024-10-24 | CVE-2024-46998 | Cross-site Scripting vulnerability in Basercms baserCMS is a website development framework. | 5.4 |
| 2023-10-30 | CVE-2023-43647 | Cross-site Scripting vulnerability in Basercms baserCMS is a website development framework. | 5.4 |
| 2023-10-30 | CVE-2023-43648 | Path Traversal vulnerability in Basercms baserCMS is a website development framework. | 6.5 |
| 2023-10-27 | CVE-2023-29009 | Cross-site Scripting vulnerability in Basercms baserCMS is a website development framework with WebAPI that runs on PHP8 and CakePHP4. | 6.1 |
| 2022-12-07 | CVE-2022-41994 | Cross-site Scripting vulnerability in Basercms Stored cross-site scripting vulnerability in Permission Settings of baserCMS versions prior to 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script. | 4.8 |
| 2022-12-07 | CVE-2022-42486 | Cross-site Scripting vulnerability in Basercms Stored cross-site scripting vulnerability in User group management of baserCMS versions prior to 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script. | 4.8 |
| 2022-11-25 | CVE-2022-39325 | Cross-site Scripting vulnerability in Basercms BaserCMS is a content management system with a japanese language focus. | 6.1 |