Miggo Logo
Miggo Vulnerability Database
CVE-2018-0574

CVE-2018-0574: XSS in baserCMS

6.1

CVSS Score
3.0

Basic Information

CVE ID
CVE-2018-0574
GHSA ID
GHSA-6qjv-43mf-rgrh
EPSS Score
0.49274%
CWE
CWE-79
Published
5/14/2022
Updated
10/6/2023
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
baserproject/basercmscomposer>= 4.0.0, <= 4.1.0.1
baserproject/basercmscomposer<= 3.0.15

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability documentation shows patches adding h() escaping to addCrumb() parameters and 'escape' => true to link calls. These specific functions in theme elements handled user-controlled data (crumb names/author names) without proper output encoding, making them injection points. The vendor's security bulletin explicitly lists these files and functions as requiring modification to prevent XSS.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*ross-sit* s*riptin* vuln*r**ility in **s*r*MS (**s*r*MS *.*.*.* *n* **rli*r v*rsions, **s*r*MS *.*.** *n* **rli*r v*rsions) *llows r*mot* *tt**k*rs to inj**t *r*itr*ry w** s*ript or *TML vi* unsp**i*i** v**tors.

Reasoning

T** vuln*r**ility *o*um*nt*tion s*ows p*t***s ***in* `*()` *s**pin* to `****rum*()` p*r*m*t*rs *n* '*s**p*' => tru* to link **lls. T**s* sp**i*i* *un*tions in t**m* *l*m*nts **n*l** us*r-*ontroll** **t* (*rum* n*m*s/*ut*or n*m*s) wit*out prop*r outpu