Search criteria
6 vulnerabilities found for baserCMS plugin Blog by baserCMS Users Community
CVE-2016-4884 (GCVE-0-2016-4884)
Vulnerability from nvd – Published: 2017-05-12 18:00 – Updated: 2024-08-06 00:46
VLAI
Summary
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Severity
No CVSS data available.
CWE
- Cross-site request forgery
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://basercms.net/security/JVN92765814 | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN92765814/index.html | third-party-advisoryx_refsource_JVN |
| http://www.securityfocus.com/bid/93217 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| baserCMS Users Community | baserCMS plugin Blog |
Affected:
version 3.0.10 and earlier
|
Date Public
2016-09-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "baserCMS plugin Blog",
"vendor": "baserCMS Users Community",
"versions": [
{
"status": "affected",
"version": "version 3.0.10 and earlier"
}
]
}
],
"datePublic": "2016-09-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site request forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-15T09:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93217"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4884",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "baserCMS plugin Blog",
"version": {
"version_data": [
{
"version_value": "version 3.0.10 and earlier"
}
]
}
}
]
},
"vendor_name": "baserCMS Users Community"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site request forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://basercms.net/security/JVN92765814",
"refsource": "CONFIRM",
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93217"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-4884",
"datePublished": "2017-05-12T18:00:00.000Z",
"dateReserved": "2016-05-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:39.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4881 (GCVE-0-2016-4881)
Vulnerability from nvd – Published: 2017-05-12 18:00 – Updated: 2024-08-06 00:46
VLAI
Summary
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Severity
No CVSS data available.
CWE
- Cross-site request forgery
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://basercms.net/security/JVN92765814 | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN92765814/index.html | third-party-advisoryx_refsource_JVN |
| http://www.securityfocus.com/bid/93217 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| baserCMS Users Community | baserCMS plugin Blog |
Affected:
version 3.0.10 and earlier
|
Date Public
2016-09-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "baserCMS plugin Blog",
"vendor": "baserCMS Users Community",
"versions": [
{
"status": "affected",
"version": "version 3.0.10 and earlier"
}
]
}
],
"datePublic": "2016-09-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site request forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-15T09:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93217"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "baserCMS plugin Blog",
"version": {
"version_data": [
{
"version_value": "version 3.0.10 and earlier"
}
]
}
}
]
},
"vendor_name": "baserCMS Users Community"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site request forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://basercms.net/security/JVN92765814",
"refsource": "CONFIRM",
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93217"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-4881",
"datePublished": "2017-05-12T18:00:00.000Z",
"dateReserved": "2016-05-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:39.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4880 (GCVE-0-2016-4880)
Vulnerability from nvd – Published: 2017-05-12 18:00 – Updated: 2024-08-06 00:46
VLAI
Summary
Cross-site scripting vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://basercms.net/security/JVN92765814 | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN92765814/index.html | third-party-advisoryx_refsource_JVN |
| http://www.securityfocus.com/bid/93217 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| baserCMS Users Community | baserCMS plugin Blog |
Affected:
version 3.0.10 and earlier
|
Date Public
2016-09-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "baserCMS plugin Blog",
"vendor": "baserCMS Users Community",
"versions": [
{
"status": "affected",
"version": "version 3.0.10 and earlier"
}
]
}
],
"datePublic": "2016-09-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-15T09:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93217"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4880",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "baserCMS plugin Blog",
"version": {
"version_data": [
{
"version_value": "version 3.0.10 and earlier"
}
]
}
}
]
},
"vendor_name": "baserCMS Users Community"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://basercms.net/security/JVN92765814",
"refsource": "CONFIRM",
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93217"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-4880",
"datePublished": "2017-05-12T18:00:00.000Z",
"dateReserved": "2016-05-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:39.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4881 (GCVE-0-2016-4881)
Vulnerability from cvelistv5 – Published: 2017-05-12 18:00 – Updated: 2024-08-06 00:46
VLAI
Summary
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Severity
No CVSS data available.
CWE
- Cross-site request forgery
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://basercms.net/security/JVN92765814 | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN92765814/index.html | third-party-advisoryx_refsource_JVN |
| http://www.securityfocus.com/bid/93217 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| baserCMS Users Community | baserCMS plugin Blog |
Affected:
version 3.0.10 and earlier
|
Date Public
2016-09-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "baserCMS plugin Blog",
"vendor": "baserCMS Users Community",
"versions": [
{
"status": "affected",
"version": "version 3.0.10 and earlier"
}
]
}
],
"datePublic": "2016-09-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site request forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-15T09:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93217"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "baserCMS plugin Blog",
"version": {
"version_data": [
{
"version_value": "version 3.0.10 and earlier"
}
]
}
}
]
},
"vendor_name": "baserCMS Users Community"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site request forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://basercms.net/security/JVN92765814",
"refsource": "CONFIRM",
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93217"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-4881",
"datePublished": "2017-05-12T18:00:00.000Z",
"dateReserved": "2016-05-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:39.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4880 (GCVE-0-2016-4880)
Vulnerability from cvelistv5 – Published: 2017-05-12 18:00 – Updated: 2024-08-06 00:46
VLAI
Summary
Cross-site scripting vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://basercms.net/security/JVN92765814 | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN92765814/index.html | third-party-advisoryx_refsource_JVN |
| http://www.securityfocus.com/bid/93217 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| baserCMS Users Community | baserCMS plugin Blog |
Affected:
version 3.0.10 and earlier
|
Date Public
2016-09-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "baserCMS plugin Blog",
"vendor": "baserCMS Users Community",
"versions": [
{
"status": "affected",
"version": "version 3.0.10 and earlier"
}
]
}
],
"datePublic": "2016-09-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-15T09:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93217"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4880",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "baserCMS plugin Blog",
"version": {
"version_data": [
{
"version_value": "version 3.0.10 and earlier"
}
]
}
}
]
},
"vendor_name": "baserCMS Users Community"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://basercms.net/security/JVN92765814",
"refsource": "CONFIRM",
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93217"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-4880",
"datePublished": "2017-05-12T18:00:00.000Z",
"dateReserved": "2016-05-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:39.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4884 (GCVE-0-2016-4884)
Vulnerability from cvelistv5 – Published: 2017-05-12 18:00 – Updated: 2024-08-06 00:46
VLAI
Summary
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Severity
No CVSS data available.
CWE
- Cross-site request forgery
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://basercms.net/security/JVN92765814 | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN92765814/index.html | third-party-advisoryx_refsource_JVN |
| http://www.securityfocus.com/bid/93217 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| baserCMS Users Community | baserCMS plugin Blog |
Affected:
version 3.0.10 and earlier
|
Date Public
2016-09-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "baserCMS plugin Blog",
"vendor": "baserCMS Users Community",
"versions": [
{
"status": "affected",
"version": "version 3.0.10 and earlier"
}
]
}
],
"datePublic": "2016-09-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site request forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-15T09:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93217"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4884",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "baserCMS plugin Blog",
"version": {
"version_data": [
{
"version_value": "version 3.0.10 and earlier"
}
]
}
}
]
},
"vendor_name": "baserCMS Users Community"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site request forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://basercms.net/security/JVN92765814",
"refsource": "CONFIRM",
"url": "http://basercms.net/security/JVN92765814"
},
{
"name": "JVN#92765814",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN92765814/index.html"
},
{
"name": "93217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93217"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-4884",
"datePublished": "2017-05-12T18:00:00.000Z",
"dateReserved": "2016-05-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:39.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}