BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| baserproject/basercms(Packagist) | 0 | 1.6.12 | N/A |
CVSS Metrics
