Vulnerability Description
baserCMS is an open source content management system with a focus on Japanese language support. In affected versions there is a cross-site scripting vulnerability in the file upload function of the management system of baserCMS. Users are advised to update as soon as possible. No workaround are available to mitigate this issue.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Basercms | Basercms | < 4.5.1 |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN14134801/index.htmlThird Party Advisory
- https://basercms.net/security/JVN_14134801Vendor Advisory
- https://github.com/baserproject/basercms/commit/568d4cab5ba1cdee7bbf0133c676d02aPatchThird Party Advisory
- https://github.com/baserproject/basercms/security/advisories/GHSA-hgjr-632x-qpp3Third Party Advisory
- http://jvn.jp/en/jp/JVN14134801/index.htmlThird Party Advisory
- https://basercms.net/security/JVN_14134801Vendor Advisory
- https://github.com/baserproject/basercms/commit/568d4cab5ba1cdee7bbf0133c676d02aPatchThird Party Advisory
- https://github.com/baserproject/basercms/security/advisories/GHSA-hgjr-632x-qpp3Third Party Advisory
FAQ
What is CVE-2021-39136?
CVE-2021-39136 is a vulnerability with a CVSS score of 8.7 (HIGH). baserCMS is an open source content management system with a focus on Japanese language support. In affected versions there is a cross-site scripting vulnerability in the file upload function of the ma...
How severe is CVE-2021-39136?
CVE-2021-39136 has been rated HIGH with a CVSS base score of 8.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-39136?
Check the references section above for vendor advisories and patch information. Affected products include: Basercms Basercms.