Lucene search
GoogleOSV:CVE-2020-4040HistoryJun 08, 2020 - 10:15 p.m.
CVE-2020-4040
2020-06-0822:15:10
Google
osv.dev
2
Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint. Previews are intended to be generated by the admins, developers, chief-editors, and editors, who are authorized to create content in the application. But due to lack of proper CSRF protection, unauthorized users could generate a preview. This has been fixed in Bolt 3.7.1
Related
cve
cve
CVE-2020-4040
2020-06-08 22:15:10
osv
osv
CSRF issue on preview pages in Bolt CMS
2020-06-09 00:25:41
nvd
nvd
CVE-2020-4040
2020-06-08 22:15:10
github
github
CSRF issue on preview pages in Bolt CMS
2020-06-09 00:25:41
prion
prion
Cross site request forgery (csrf)
2020-06-08 22:15:00
veracode
veracode
Cross-site Request Forgery (CSRF)
2020-06-10 03:26:30
cvelist
cvelist
CVE-2020-4040 CSRF issue on preview pages in Bolt CMS
2020-06-08 22:00:16
cbl_mariner
cbl_mariner
CVE-2020-4040 affecting package bolt 0.9.2-2
2024-07-03 03:08:37
packetstorm
packetstorm
Bolt CMS 3.7.0 XSS / CSRF / Shell Upload
2020-07-03 00:00:00
zdt
zdt
Bolt CMS 3.7.0 XSS / CSRF / Shell Upload Vulnerabilities
2020-07-04 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1809
2021-07-02 16:34:28