baserCMS: SQL injection vulnerability in blog post

Description

A vulnerability labeled as critical has been found in baserproject basercms up to 5.2.2. Affected by this issue is some unknown functionality of the component Blog Post Handler. Executing a manipulation can lead to sql injection. This vulnerability is tracked as CVE-2026-27697. The attack can be launched remotely. The affected component should be upgraded.

Affected Products

References

• https://github.com/baserproject/basercms/security/advisories/GHSA-vh89-rjph-2g7p(x_refsource_CONFIRM)
• https://basercms.net/security/JVN_20837860(x_refsource_MISC)
• https://github.com/baserproject/basercms/releases/tag/5.2.3(x_refsource_MISC)

Related News (1 articles)