CVE-2026-30879
Cross-Site Scripting in baserCMS Blog Posts Before
Publication date: 2026-03-31
Last updated on: 2026-04-01
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| basercms | basercms | to 5.2.3 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
The vulnerability can be exploited remotely without any special conditions, privileges, or user interaction.
Its impact is considered moderate with a CVSS v4 base score of 6.9.
It may lead to limited unauthorized disclosure or modification of information through the execution of malicious scripts.
However, it does not significantly affect the confidentiality, integrity, or availability of the overall system, nor does it cause notable system downtime.
The recommended action is to update baserCMS to version 5.2.3 or later to mitigate this risk.
Can you explain this vulnerability to me?
CVE-2026-30879 is a cross-site scripting (XSS) vulnerability in the blog post package of baserCMS, affecting versions 5.2.1 and earlier.
This vulnerability allows attackers to execute malicious JavaScript code within blog posts, which can compromise the security of users who interact with the affected content.
The issue was fixed in baserCMS version 5.2.3.
What immediate steps should I take to mitigate this vulnerability?
The recommended immediate step to mitigate this vulnerability is to update baserCMS to version 5.2.3 or later.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The cross-site scripting (XSS) vulnerability in baserCMS blog posts allows execution of malicious JavaScript code, which can lead to limited unauthorized disclosure or modification of information.
Such unauthorized disclosure or modification of information could potentially impact compliance with data protection regulations like GDPR or HIPAA, which require safeguarding personal and sensitive data against unauthorized access or alteration.
However, the vulnerability is rated as having low severity on confidentiality, integrity, and availability, and does not significantly affect system availability.
The recommended mitigation is to update baserCMS to version 5.2.3 or later to address this issue and reduce compliance risks.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a cross-site scripting (XSS) issue in the blog post package of baserCMS versions 5.2.1 and earlier. Detection typically involves identifying if your baserCMS installation is running a vulnerable version or if malicious JavaScript code is present in blog posts.
To detect if your system is vulnerable, first check the baserCMS version. If it is 5.2.1 or earlier, it is vulnerable and should be updated to version 5.2.3 or later.
You can check the baserCMS version by accessing the system or using commands such as:
- If you have shell access, navigate to the baserCMS installation directory and check the version file or use git commands if applicable, for example: `cat VERSION` or `git describe --tags`.
- Search for suspicious or malicious JavaScript code in blog post content stored in the database by querying the database directly, for example using SQL commands like: `SELECT * FROM blog_posts WHERE content LIKE '%<script>%' OR content LIKE '%javascript:%';`
Network detection of exploitation attempts may involve monitoring HTTP requests for suspicious payloads containing script tags or JavaScript code targeting blog post inputs.