Miggo Logo
Miggo Vulnerability Database
CVE-2018-18943

CVE-2018-18943: XSS in baserCMS before 4.1.4

4.8

CVSS Score
3.0

Basic Information

CVE ID
CVE-2018-18943
GHSA ID
GHSA-fx2m-5m9v-jhgp
EPSS Score
0.56223%
CWE
CWE-79
Published
5/14/2022
Updated
7/7/2023
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
baserproject/basercmscomposer< 4.1.44.1.4

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper neutralization of the category name input during web page generation. The blog post explicitly identifies UploaderCategoriesController.php as the component processing the vulnerable parameter, and the CVE description confirms the attack vector targets the edit action (admin/uploader/uploader_categories/edit). In CakePHP MVC architecture, the controller's edit() action would handle form submissions, and the absence of sanitization in this function matches the described XSS behavior.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*n issu* w*s *is*ov*r** in **s*r*MS ***or* *.*.*. In t** R**ist*r N*w **t**ory ***tur* o* t** Uplo** m*nu, t** **t**ory n*m* **n ** us** *or XSS vi* t** `**t*[Uplo***r**t**ory][n*m*]` p*r*m*t*r to *n `**min/uplo***r/uplo***r_**t**ori*s/**it` URI.

Reasoning

T** vuln*r**ility st*ms *rom improp*r n*utr*liz*tion o* t** **t**ory n*m* input *urin* w** p*** **n*r*tion. T** *lo* post *xpli*itly i**nti*i*s `Uplo***r**t**ori*s*ontroll*r.p*p` *s t** *ompon*nt pro**ssin* t** vuln*r**l* p*r*m*t*r, *n* t** *V* **s*r