CVE-2015-5640 Information

Description

baserCMS before 3.0.8 allows remote authenticated users to modify arbitrary user settings via a crafted request.

Reference

http://basercms.net/security/JVN04855224 http://jvn.jp/en/jp/JVN04855224/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000138