CVE-2017-10843

Description

baserCMS version 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to delete arbitrary files via unspecified vectors when the "File" field is being used in the mail form.

Affected products

• baserCMS Users Community / baserCMS3.0.14 and earlier – 3.0.14 and earlier
• baserCMS Users Community / baserCMS4.0.5 and earlier – 4.0.5 and earlier

References

• MISChttps://basercms.net/security/JVN78151490
• MISChttp://jvn.jp/en/jp/JVN78151490/index.html