CVE-2024-46995

6.1 MEDIUM

📋 TL;DR

baserCMS versions before 5.1.2 contain a cross-site scripting (XSS) vulnerability in HTTP 400 Bad Request handling. This allows attackers to inject malicious scripts that execute in users' browsers when they encounter a crafted bad request. All baserCMS installations using vulnerable versions are affected.

💻 Affected Systems

Products:
  • baserCMS
Versions: All versions prior to 5.1.2
Operating Systems: Any OS running baserCMS
Default Config Vulnerable: ⚠️ Yes
Notes: All baserCMS installations using default configurations are vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal session cookies, perform actions as authenticated users, deface websites, or redirect users to malicious sites.

🟠 Likely Case

Attackers inject malicious scripts to steal user session data or credentials when users encounter crafted bad requests.

🟢 If Mitigated

With proper input validation and output encoding, malicious scripts would be neutralized before execution.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

XSS vulnerabilities typically have low exploitation complexity, though specific details of this vulnerability are not publicly documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.1.2

Vendor Advisory: https://github.com/baserproject/basercms/security/advisories/GHSA-mr7q-fv7j-jcgv

Restart Required: Yes

Instructions:

1. Back up your baserCMS installation and database.
2. Download baserCMS 5.1.2 from the official repository.
3. Replace existing files with the new version.
4. Clear any caching mechanisms.
5. Restart your web server.

🔧 Temporary Workarounds

Input Validation Filter

all

Implement server-side input validation to sanitize all user inputs before processing HTTP 400 responses.

Content Security Policy

all

Implement a strict Content Security Policy header to restrict script execution sources.

Add to web server config: Content-Security-Policy: default-src 'self'; script-src 'self'

🧯 If You Can't Patch

  • Implement a Web Application Firewall (WAF) with XSS protection rules.
  • Disable or restrict access to the vulnerable component if possible.

🔍 How to Verify

Check if Vulnerable:

Check your baserCMS version in the admin panel or by examining the application files.

Check Version:

Check the baserCMS admin dashboard or examine the /baser/config/version.php file.

Verify Fix Applied:

Confirm version is 5.1.2 or later in the admin panel or by checking the application files.

📡 Detection & Monitoring

Log Indicators:

  • Unusual HTTP 400 requests with script tags or JavaScript code in parameters
  • Multiple failed requests from single IPs with suspicious payloads

Network Indicators:

  • HTTP requests containing script tags or JavaScript in query parameters triggering 400 responses

SIEM Query:

source="web_server_logs" AND (status=400 AND (uri="*<script*" OR uri="*javascript:*"))
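
The wildcard query above matches only literal `<script` and `javascript:` strings, so percent-encoded requests slip past it. The following is an added example (not from the advisory or the baserCMS project) that applies both log indicators after decoding the URI. It assumes Combined Log Format access logs; the function names, the burst threshold of 3, and the sample lines are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

# Combined Log Format: ip ident user [time] "METHOD uri PROTO" status size ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
# The two markers named in the log indicators above.
MARKER_RE = re.compile(r'<\s*script|javascript:', re.IGNORECASE)

def decode(uri, rounds=2):
    """Percent-decode up to `rounds` times so single and double encoding both surface."""
    for _ in range(rounds):
        nxt = unquote_plus(uri)
        if nxt == uri:
            break
        uri = nxt
    return uri

def scan(lines, burst=3):
    """Return (hits, noisy_ips): 400s carrying script markers, and IPs with >= burst hits."""
    hits, per_ip = [], Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than guessing at fields
        ip, _method, uri, status = m.groups()
        if status == "400" and MARKER_RE.search(decode(uri)):
            hits.append((ip, uri))
            per_ip[ip] += 1
    return hits, sorted(ip for ip, n in per_ip.items() if n >= burst)

# Constructed sample lines using documentation IP ranges (not real traffic).
T = "[10/Oct/2024:13:55:36 +0000]"
SAMPLE = [
    f'203.0.113.5 - - {T} "GET /?q=<script>x</script> HTTP/1.1" 400 512 "-" "-"',
    f'203.0.113.5 - - {T} "GET /?q=%3Cscript%3Ex HTTP/1.1" 400 512 "-" "-"',
    f'203.0.113.5 - - {T} "GET /?q=%253CScRiPt%253E HTTP/1.1" 400 512 "-" "-"',
    f'198.51.100.7 - - {T} "GET /?next=javascript:void(0) HTTP/1.1" 400 512 "-" "-"',
    f'198.51.100.9 - - {T} "GET /?q=%3Cscript%3E HTTP/1.1" 200 2048 "-" "-"',
    f'192.0.2.44 - - {T} "GET /%zz HTTP/1.1" 400 512 "-" "-"',
]

if __name__ == "__main__":
    hits, noisy = scan(SAMPLE)
    for ip, uri in hits:
        print(f"suspicious 400 from {ip}: {uri}")
    print("repeat sources:", noisy)
```

The 200 response and the plain malformed request (`/%zz`) are not flagged; only 400 responses whose decoded URI carries a marker are.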
