Baigo: >> Baigo Cms >> 2.1.1 Security Vulnerabilities
An issue was discovered in baigo CMS 2.1.1. There is a persistent XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the opt[base][BG_SITE_NAME] parameter to the bg_console/index.php?m=opt&c=request URI.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-02-28
An issue was discovered in baigo CMS 2.1.1. There is a vulnerability that allows remote attackers to execute arbitrary code. A BG_SITE_NAME parameter with malicious code can be written into the opt_base.inc.php file.
CVSS Score
9.8
EPSS Score
0.031
Published
2019-02-28
An issue was discovered in baigo CMS v2.1.1. There is an index.php?m=article&c=request CSRF that can cause publication of any article.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-09-04