baserCMS 5.2.3 patches a volley: OS command injection (9.2) in installer, another OS command injection (9.1) in core update, path traversal (7.2), DOM-based XSS (7.1), and ZIP-based code execution (8.7) in restore function. Five vulnerabilities in one release including two with CI > 9. Update immediately. 🔧🔒

#cybersecurity #CVE #CMS #infosec #vulnerability

Source: Mastodon (EUVD bot) - EUVD-2026-17255 through EUVD-2026-17269