Browse all 4 CVE security advisories affecting baseweb. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Baseweb is a React component library providing UI building blocks for enterprise applications. Historically, it has faced vulnerabilities including cross-site scripting (XSS) due to improper input sanitization and remote code execution (RCE) through insecure deserialization in some versions. Privilege escalation risks have also been identified in authentication mechanisms. While no major public security incidents have been widely reported, the 4 documented CVEs highlight recurring issues around input validation and secure coding practices. Organizations implementing Baseweb should prioritize regular updates and implement additional security controls, particularly for applications handling user-generated content or operating in high-risk environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-3970 | baseweb JSite save cross site scripting — JSiteCWE-79 | 3.5 | Low | 2025-04-27 |
| CVE-2025-3790 | baseweb JSite Apache Druid Monitoring Console index.html access control — JSiteCWE-284 | 5.3 | Medium | 2025-04-18 |
| CVE-2025-3789 | baseweb JSite save cross site scripting — JSiteCWE-79 | 3.5 | Low | 2025-04-18 |
| CVE-2025-3788 | baseweb JSite save cross site scripting — JSiteCWE-79 | 3.5 | Low | 2025-04-18 |
This page lists every published CVE security advisory associated with baseweb. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.