CVE-2024-46998

7.1 HIGH

📋 TL;DR

baserCMS versions before 5.1.2 contain a cross-site scripting (XSS) vulnerability in the Edit Email Form Settings feature. This allows attackers to inject malicious scripts that execute in users' browsers when they view the affected settings page. Administrators and users with access to email form settings are primarily affected.

💻 Affected Systems

Products:
  • baserCMS
Versions: All versions prior to 5.1.2
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects installations with the Edit Email Form Settings feature enabled and accessible.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker could steal administrator session cookies, perform actions as the administrator, deface the website, or redirect users to malicious sites.

🟠 Likely Case

Attackers inject malicious scripts to steal session cookies or credentials from administrators accessing the email form settings.

🟢 If Mitigated

With proper input validation and output encoding, the malicious scripts would be neutralized before execution.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires the attacker to have access to inject malicious input into the email form settings, typically requiring some level of access or social engineering.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.1.2

Vendor Advisory: https://basercms.net/security/JVN_98693329

Restart Required: No

Instructions:

1. Backup your baserCMS installation and database.
2. Download baserCMS version 5.1.2 from the official repository.
3. Replace the existing files with the new version.
4. Clear any caching mechanisms.
5. Verify the update was successful.

🔧 Temporary Workarounds

Disable Email Form Settings Access (Applies to: all)

Restrict access to the Edit Email Form Settings feature to only trusted administrators.

Implement Input Validation (Applies to: all)

Add server-side input validation to sanitize user inputs in the email form settings.

🧯 If You Can't Patch

  • Implement strict Content Security Policy (CSP) headers to mitigate script execution.
  • Use web application firewalls (WAF) to filter malicious input patterns.

🔍 How to Verify

Check if Vulnerable:

Check the baserCMS version in the admin panel or via the system information page.

Check Version:

Check the version in the admin dashboard or inspect the baserCMS configuration files.

Verify Fix Applied:

After updating, confirm the version is 5.1.2 or later and test the Edit Email Form Settings for any script injection.

📡 Detection & Monitoring

Log Indicators:

  • Unusual input patterns in email form settings logs, such as script tags or JavaScript code.

Network Indicators:

  • Unexpected outbound connections from the baserCMS server after accessing email settings.

SIEM Query:

Search for logs containing 'email_form_settings' whose submitted values carry suspicious payloads, such as <script> tags, javascript: URIs, or inline event-handler attributes.
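The SIEM query above stated as runnable detection logic, as an added example that is not part of this advisory or of baserCMS. The log line format, the user names, the `/admin/email_form_settings/edit` path and the sample entries are all constructed for the demonstration; the point it adds is that payloads are usually URL-encoded or entity-encoded in logs, so the match has to run on the decoded value, and that the path filter keeps hits on other admin pages from polluting the alert.

```python
"""Flag script-injection attempts against email form settings in application logs.

Added example, not code from the advisory or from baserCMS. The log format
(timestamp user METHOD path params), the endpoint path containing
'email_form_settings', and the sample log lines below are assumptions.
"""
import html
import re
from urllib.parse import unquote_plus

# Payload shapes a stored-XSS attempt commonly carries; matched after decoding.
SUSPICIOUS = re.compile(
    r"<\s*script\b"                             # opening <script> tag
    r"|javascript\s*:"                          # javascript: URI scheme
    r"|\bon[a-z]+\s*="                          # inline handler (onerror=, onload=, ...)
    r"|<\s*(?:iframe|img|svg|object|embed)\b",  # tags that can host a handler
    re.IGNORECASE,
)

# Constructed log format: "<ts> <user> <METHOD> <path> [<form params>]".
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<user>\S+) (?P<method>[A-Z]+) (?P<path>\S+)(?: (?P<params>.*))?$"
)


def decode(value: str) -> str:
    """Strip URL encoding and HTML entities, repeating to catch double-encoding."""
    out = value
    for _ in range(3):
        nxt = html.unescape(unquote_plus(out))
        if nxt == out:
            break
        out = nxt
    return out


def is_suspicious(params: str) -> bool:
    """True if the decoded parameter string matches a script-injection pattern."""
    return bool(SUSPICIOUS.search(decode(params)))


def scan_logs(lines, path_marker="email_form_settings"):
    """Return (line_no, user, path, matched_fragment) for hits on the settings endpoint."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = LOG_RE.match(line.strip())
        # Only requests to the email form settings page are in scope here.
        if not m or path_marker not in m.group("path"):
            continue
        found = SUSPICIOUS.search(decode(m.group("params") or ""))
        if found:
            hits.append((n, m.group("user"), m.group("path"), found.group(0)))
    return hits


# Constructed sample log lines (harmless probe payloads, no real traffic).
SAMPLE_LOGS = [
    "2024-09-10T08:00:01Z admin POST /admin/email_form_settings/edit subject=Contact+us&sender=info%40example.test",
    "2024-09-10T08:02:15Z editor POST /admin/email_form_settings/edit subject=%3Cscript%3Ealert(1)%3C%2Fscript%3E",
    "2024-09-10T08:03:40Z editor POST /admin/email_form_settings/edit link=javascript%3Aalert(1)",
    "2024-09-10T08:05:00Z admin POST /admin/pages/edit body=%3Cscript%3Ealert(1)%3C%2Fscript%3E",
    "2024-09-10T08:07:42Z editor POST /admin/email_form_settings/edit footer=%26lt%3Bscript%26gt%3Balert(1)",
]

if __name__ == "__main__":
    for line_no, user, path, fragment in scan_logs(SAMPLE_LOGS):
        print(f"line {line_no}: user={user} path={path} matched={fragment!r}")
```

Line 4 carries the same payload but is not reported because it targets a different page; widen `path_marker` if the same rule should cover other admin forms. The `on[a-z]+=` alternative will also fire on a benign parameter literally named `one=` or similar, so treat hits as candidates for review rather than confirmed exploitation.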
