baserCMS DOM-Based Cross-Site Scripting Vulnerability (CVE-2026-32734)
baserCMS versions prior to 5.2.3 are vulnerable to DOM-based Cross-Site Scripting (XSS) due to improper neutralization of input during web page generation, potentially allowing a remote attacker to execute arbitrary JavaScript in a user's browser.
baserCMS, a website development framework, is susceptible to DOM-based cross-site scripting (XSS) attacks in versions prior to 5.2.3. This vulnerability, identified as CVE-2026-32734, arises from the improper neutralization of input during the creation of tags. An attacker can exploit this by injecting malicious JavaScript code into the DOM, which is then executed in the victim’s browser when they interact with the crafted web page. Successful exploitation can lead to session hijacking…
Detection coverage 2
Detect baserCMS CVE-2026-32734 Exploit Attempt
highDetects potential exploit attempts targeting the baserCMS DOM-based XSS vulnerability (CVE-2026-32734).
Detect baserCMS CVE-2026-32734 Exploit Attempt (Encoded)
mediumDetects potential exploit attempts targeting the baserCMS DOM-based XSS vulnerability (CVE-2026-32734) using URL encoded payloads.
Detection queries are kept inside the platform. Get full rules →