{"id":"GHSA-77fc-4cv5-hmfr","summary":"baserCMS OS command injection vulnerability in Installer","details":"There is a OS command injection in Installer Feature to baserCMS.\n\n### Target\nbaserCMS 5.0.8 and earlier versions\n\n### Vulnerability\nMalicious command may be executed in Installer.\n\n### Countermeasures\nUpdate to the latest version of baserCMS\n\nPlease refer to the following page to reference for more information.\nhttps://basercms.net/security/JVN_73283159\n","aliases":["CVE-2023-51450"],"modified":"2024-02-22T19:56:56.722903Z","published":"2024-02-22T19:43:19Z","database_specific":{"github_reviewed":true,"github_reviewed_at":"2024-02-22T19:43:19Z","cwe_ids":["CWE-78"],"nvd_published_at":"2024-02-22T15:15:08Z","severity":"MODERATE"},"references":[{"type":"WEB","url":"https://github.com/baserproject/basercms/security/advisories/GHSA-77fc-4cv5-hmfr"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-51450"},{"type":"WEB","url":"https://github.com/baserproject/basercms/commit/18f426d63e752b4d22c40e9ea8d1f6e692ef601c"},{"type":"WEB","url":"https://basercms.net/security/JVN_09767360"},{"type":"PACKAGE","url":"https://github.com/baserproject/basercms"}],"affected":[{"package":{"name":"baserproject/basercms","ecosystem":"Packagist","purl":"pkg:composer/baserproject/basercms"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.0.9"}]}],"versions":["0.0.1","0.0.2","0.0.3","0.0.4","0.0.5","0.0.6","0.0.7","0.0.8","1.0.0","2.0.0","2.0.0-rc1","2.0.0-rc2","2.0.0-rc3","2.0.0-rc4","2.0.0-rc5","2.0.0-rc6","3.0.0","3.0.1","3.0.10","3.0.11","3.0.12","3.0.13","3.0.14","3.0.15","3.0.16","3.0.17","3.0.18","3.0.19","3.0.2","3.0.20","3.0.21","3.0.22","3.0.23","3.0.24","3.0.25","3.0.26","3.0.3","3.0.4","3.0.5","3.0.6","3.0.7","3.0.9","4.0.0","4.1.0","4.2.0","4.2.1","4.2.2","4.2.3","4.2.4","4.2.5","4.4.8","4.5.4","5.0.0","5.0.0-beta1","5.0.0-beta2","5.0.0-beta3","5.0.0-beta4","5.0.1","5.0.2","5.0.3","5.0.4","5.0.5","5.0.6","5.0.7","5.0.8"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-77fc-4cv5-hmfr/GHSA-77fc-4cv5-hmfr.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}]}