Home > Vulnerability Database > CVE-2022-39325

Mend.io Vulnerability Database

CVE-2022-39325

Good to know:

Date: November 24, 2022

BaserCMS is a content management system with a japanese language focus. In affected versions there is a cross-site scripting vulnerability on the management system of baserCMS. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users. Users of baserCMS are advised to upgrade as soon as possible. There are no known workarounds for this vulnerability.

Language: PHP

Severity Score

4.6

Related Resources (7)

Url: https://github.com/baserproject/basercms/commit/b6f8a54e90dee51317eddf517b776fe8b4cd3ef6

Url: https://github.com/baserproject/basercms

Url: https://github.com/baserproject/basercms/security/advisories/GHSA-395x-wv32-44v5

Url: https://basercms.net/security/JVN_53682526

Url: https://github.com/baserproject/basercms/releases/tag/basercms-4.7.2

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-39325

Url: https://www.mend.io/vulnerability-database/CVE-2022-39325

Severity Score

4.6

Weakness Type (CWE)

Cross-Site Scripting (XSS)

CWE-79

Top Fix

Upgrade Version

Upgrade to version basercms-4.7.2

Learn More

CVSS v3.1

Base Score:	4.6
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2022-39325

Good to know:

Date: November 24, 2022

Language: PHP

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?