Arbitrary Script Injection in baserCMS Blog Article Editing Function

Arbitrary Script Injection in baserCMS Blog Article Editing Function

CVE-2021-20683 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Improper neutralization of JavaScript input in the blog article editing function of baserCMS versions prior to 4.4.5 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors.

Learn more about our Cms Pen Testing.