Lucene search
GoogleOSV:CVE-2021-40219HistoryApr 11, 2022 - 5:15 p.m.
CVE-2021-40219
2022-04-1117:15:08
Google
osv.dev
6
Bolt CMS <= 4.2 is vulnerable to Remote Code Execution. Unsafe theme rendering allows an authenticated attacker to edit theme to inject server-side template injection that leads to remote code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| core | eq | 4.0.0-beta.2.4 | |
| core | eq | 4.1.7.1 | |
| core | eq | 4.0.0-beta.2.7 | |
| core | eq | 4.2.0 | |
| core | eq | 4.1.8 | |
| core | eq | 4.1.2 | |
| core | eq | 4.0.0-beta.5.1 | |
| core | eq | 4.2.0-beta.14 | |
| core | eq | 4.0.0-rc.3 | |
| core | eq | 4.0.0-rc.33 |
Related
osv
osv
Code Injection in Bolt CMS
2022-04-12 00:00:34
nvd
nvd
CVE-2021-40219
2022-04-11 17:15:08
github
github
Code Injection in Bolt CMS
2022-04-12 00:00:34
cve
cve
CVE-2021-40219
2022-04-11 17:15:08
prion
prion
Remote code execution
2022-04-11 17:15:00
cvelist
cvelist
CVE-2021-40219
2022-04-11 16:45:54