CVE-2023-51450: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

February 22, 2024

baserCMS is a website development framework. Prior to version 5.0.9, there is an OS Command Injection vulnerability in the site search feature of baserCMS. Version 5.0.9 contains a fix for this vulnerability.

References

basercms.net/security/JVN_09767360
github.com/advisories/GHSA-77fc-4cv5-hmfr
github.com/baserproject/basercms/commit/18f426d63e752b4d22c40e9ea8d1f6e692ef601c
github.com/baserproject/basercms/security/advisories/GHSA-77fc-4cv5-hmfr
nvd.nist.gov/vuln/detail/CVE-2023-51450

Code Behaviors & Features

Detect and mitigate CVE-2023-51450 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →