CVE-2026-30878 in basercmsinformation

Résumé (Anglaise)

baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables spam or abuse via the API. This issue has been patched in version 5.2.3.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Responsable

GitHub_M

Réserver

06/03/2026

Divulgation

31/03/2026

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

IDVulnérabilitéCWEExpConCVE
354318baserproject basercms Submission API élévation de privilèges285Non définiCorrectif officielCVE-2026-30878

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

PrécédentAperçuSuivant

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!