CVE-2021-39136: 
PHP vulnerability analysis and mitigation

A cross-site scripting (XSS) vulnerability was discovered in baserCMS versions 4.5.0 and earlier, specifically in the file upload functionality of the management system. The vulnerability was disclosed on August 25, 2021, and was assigned CVE-2021-39136. This security issue affects the file upload feature in the administrative interface of baserCMS (JVN, GitHub Advisory).

The vulnerability exists in the file upload functionality within the management system of baserCMS. The issue was specifically located in the lib/Baser/Plugin/Uploader/View/UploaderFiles/admin/ajax_image.php file, where user input was not properly sanitized before being displayed. The vulnerability received a CVSS v3.0 Base Score of 4.8 (AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N) (JVN).

When exploited, this vulnerability could allow an attacker to execute malicious JavaScript code in the user's web browser. This could result in page content manipulation and potential cookie information leakage. The impact is particularly significant when the management system is accessed by multiple users (GitHub Advisory).

The vulnerability was patched in baserCMS version 4.5.1. Users are strongly advised to update to this version or later to address the security issue. The fix involved properly sanitizing user input by implementing HTML encoding using the h() function, as evidenced in the patch (GitHub Commit).

The vulnerability was initially reported by Akagi Yusuke of NTT-ME CORPORATION to IPA, and JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership (JVN).