Vulnerabilities

Report: CVE-2026-30878 - baserCMS: Mail Form Acceptance Bypass via Public API

2026-03-31 0 views admin

CVE ID :CVE-2026-30878 Published : March 31, 2026, 1:16 a.m. | 21 minutes ago Description :baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables spam or abuse via the API. This issue has been patched in version 5.2.3. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-30878

Severity

MEDIUM

Published

March 31, 2026

🏷️ Tags

report30878basercmsacceptancebypasspublicpublishedminutescvecve-2026-30878

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-30878 - baserCMS: Mail Form Acceptance Bypass via Public API

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-5156 - Tenda CH22 Parameter QuickIndex formQuickIndex stack-based overflow - Guide

Report: CVE-2026-5157 - code-projects Online Food Ordering System Order order.php cross site scripting

Report: - baserCMS: unsafe File Upload Leading to Remote Code Execution (RCE) CVE-2025-32957

Report: Complete Guide to CVE-2026-30877 - baserCMS: OS Command Injection in the baserCMS Update Functionality

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting