RSS   Vulnerabilities for 'Bolt cms'   RSS

2022-04-11
 
CVE-2021-40219

CWE-94
 

 
Bolt CMS <= 4.2 is vulnerable to Remote Code Execution. Unsafe theme rendering allows an authenticated attacker to edit theme to inject server-side template injection that leads to remote code execution.

 
2017-07-17
 
CVE-2017-11128

 

 
Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by the Title field of a New Entry.

 
 
CVE-2017-11127

 

 
Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document with a "Content-Type: image/svg+xml" header.

 

 >>> Vendor: BOLT 2 Products
BOLT
Bolt cms


Copyright 2024, cxsecurity.com

 

Back to Top