Bolt CMS <= 4.2 is vulnerable to Remote Code Execution. Unsafe theme rendering allows an authenticated attacker to edit theme to inject server-side template injection that leads to remote code execution.
CPE | Name | Operator | Version |
---|---|---|---|
core | eq | 4.0.0-beta.2.4 | |
core | eq | 4.1.7.1 | |
core | eq | 4.0.0-beta.2.7 | |
core | eq | 4.2.0 | |
core | eq | 4.1.8 | |
core | eq | 4.1.2 | |
core | eq | 4.0.0-beta.5.1 | |
core | eq | 4.2.0-beta.14 | |
core | eq | 4.0.0-rc.3 | |
core | eq | 4.0.0-rc.33 |