CVE-2021-20683

Summary

Improper neutralization of JavaScript input in the blog article editing function of baserCMS versions prior to 4.4.5 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors.

Affected Software

VendorProductVersion RangeStatus
baserCMS Users CommunitybaserCMSversions prior to 4.4.5affected

Weaknesses

  • Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CVE Program Container

Additional References

References