Skip to content

OS Command Injection Vulnerability

Low
ryuring published GHSA-7rpc-9m88-cf9w Nov 25, 2021

Package

PagesController (baserCMS)

Affected versions

<= 4.5.3

Patched versions

4.5.4

Description

There is a OS Command Injection Vulnerability on the management system of baserCMS.

This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users.
If you are eligible, please update to the new version as soon as possible.

Target
baserCMS 4.5.3 and earlier versions

Vulnerability
OS Command Injection Vulnerability.

Countermeasures
Update to the latest version of baserCMS

Credits
Akagi Yusuke @NTT-ME

Severity

Low

CVE ID

CVE-2021-41243

Weaknesses

No CWEs