CVE-2020-15155

7.3 HIGH

📋 TL;DR

baserCMS 4.3.6 and earlier contains a cross-site scripting (XSS) vulnerability in toolbar.php that allows authenticated administrators to execute arbitrary JavaScript. This vulnerability enables attackers with admin access to perform actions like stealing session cookies or redirecting users. Only baserCMS installations with admin accounts are affected.

💻 Affected Systems

Products:
  • baserCMS
Versions: 4.3.6 and earlier
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects installations where admin accounts exist and are accessible. The vulnerability requires admin authentication to exploit.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker with compromised admin credentials could execute malicious JavaScript to steal session tokens, perform actions as other users, or redirect users to phishing sites, potentially leading to complete site compromise.

🟠

Likely Case

An attacker with admin access injects malicious scripts that affect other users viewing the toolbar, potentially stealing their session cookies or performing unauthorized actions.

🟢

If Mitigated

With proper access controls and admin account security, the impact is limited to the specific admin account that was compromised.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires admin credentials. The vulnerability is in toolbar.php where insufficient input validation allows script injection.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.3.7

Vendor Advisory: https://basercms.net/security/20200827

Restart Required: No

Instructions:

1. Back up your baserCMS installation and database.
2. Download baserCMS 4.3.7 or later from the official repository.
3. Replace the affected files, particularly toolbar.php.
4. Verify the update by checking the version in the admin panel.

🔧 Temporary Workarounds

Restrict Admin Access


Limit admin account access to trusted IP addresses only

# Configure web server (Apache example) to restrict /basercms/admin/ to specific IPs.
# The Order/Deny/Allow directives are Apache 2.2 syntax (mod_access_compat on 2.4);
# on Apache 2.4 the equivalent is "Require ip 192.168.1.0/24" inside the Location block.
<Location "/basercms/admin/">
    Order deny,allow
    Deny from all
    Allow from 192.168.1.0/24
</Location>

Input Sanitization


Add custom input validation for toolbar parameters

# In toolbar.php or custom middleware, add (replace 'parameter' with the actual
# toolbar query parameter name; the null-coalescing default avoids a notice when
# the parameter is absent, and the encoded value must be what is echoed into the page):
$input = htmlspecialchars($_GET['parameter'] ?? '', ENT_QUOTES, 'UTF-8');

🧯 If You Can't Patch

  • Implement strict access controls for admin accounts and monitor for suspicious activity
  • Deploy a web application firewall (WAF) with XSS protection rules

🔍 How to Verify

Check if Vulnerable:

Check the baserCMS version in the admin panel or by examining the version files. If the version is 4.3.6 or earlier, the system is vulnerable.

Check Version:

Check /basercms/VERSION.txt or view version in admin dashboard

Verify Fix Applied:

After updating, verify the version shows 4.3.7 or later in the admin panel and check that toolbar.php has been updated with proper input sanitization.

📡 Detection & Monitoring

Log Indicators:

  • Unusual admin login attempts
  • Multiple requests to toolbar.php with script-like parameters
  • Admin sessions from unexpected IP addresses

Network Indicators:

  • HTTP requests containing script tags or JavaScript in toolbar.php parameters
  • Unusual outbound connections from admin sessions

SIEM Query:

source="web_logs" AND uri="*toolbar.php*" AND (query="*<script*" OR query="*javascript:*")
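The SIEM query above matches the raw query string, so it misses a `<script` or `javascript:` marker that arrives percent-encoded (which is how a browser sends it). As an added example that is not part of the advisory, the following Python script applies the same indicators to constructed Apache-style access log lines, decoding each toolbar.php query parameter repeatedly so single- and double-encoded markers are both caught; the log lines, IPs and parameter names are made up for the example.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed Apache combined-format log lines for this example; not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [27/Aug/2020:10:01:02 +0900] "GET /basercms/admin/toolbar.php?view=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.9 - - [27/Aug/2020:10:02:15 +0900] "GET /basercms/admin/toolbar.php?msg=%3Cscript%3E HTTP/1.1" 200 600 "-" "Mozilla/5.0"
10.0.0.9 - - [27/Aug/2020:10:02:40 +0900] "GET /basercms/admin/toolbar.php?url=JaVaScRiPt%253Avoid(0) HTTP/1.1" 200 600 "-" "Mozilla/5.0"
10.0.0.5 - - [27/Aug/2020:10:03:01 +0900] "GET /basercms/index.php?q=%3Cscript%3E HTTP/1.1" 200 300 "-" "Mozilla/5.0"
"""

# client IP, timestamp, method and request target from a combined-format line
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"'
)
# the same two indicators the advisory's SIEM query looks for
SCRIPT_MARKERS = ("<script", "javascript:")


def decode_fully(value, max_rounds=3):
    """Percent-decode until stable so a double-encoded '<' (%253C) is still recognised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_toolbar_script_requests(log_text):
    """Return (ip, timestamp, parameter, marker) for toolbar.php requests carrying a script marker."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        if not parts.path.endswith("/toolbar.php"):
            continue  # other scripts are out of scope for this indicator
        # parse_qsl decodes once; decode_fully handles any further encoding layers
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            probe = decode_fully(value).lower()  # case-insensitive match
            for marker in SCRIPT_MARKERS:
                if marker in probe:
                    hits.append((m.group("ip"), m.group("ts"), name, marker))
                    break
    return hits


if __name__ == "__main__":
    for hit in find_toolbar_script_requests(SAMPLE_LOG):
        print("ALERT toolbar.php script-like parameter:", hit)
```

Requests from an address that is not on the admin allow-list, or a burst of such hits from one session, are the cases worth escalating; a single hit from a known administrator may still be a false positive from legitimate content editing.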
