7 matches found
EUVD-2022-1977
Malicious code in bioql PyPI...
CVE-2017-11128
creationtimestamp| type| source
---|---|---
2024-04-24 22:08:17+00:00| seen| https://t.me/arpsyndicate/4830
2024-04-24 22:34:08+00:00| seen| https://t.me/arpsyndicate/4834
2025-02-14 15:12:35+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4453
2025-02-14 21:08:29+00:00|...
GHSA-2G23-QMMP-FVMR Bolt Cross-site Scripting via the slug, teaser or title parameters
Bolt 3.6.4 has XSS via the slug, teaser, or title parameter to editcontent/pages, a related issue to CVE-2017-11128 and CVE-2018-19933...
CVE-2019-9553
Bolt 3.6.4 has XSS via the slug, teaser, or title parameter to editcontent/pages, a related issue to CVE-2017-11128 and CVE-2018-19933...
SQL injection
Bolt 3.6.4 has XSS via the slug, teaser, or title parameter to editcontent/pages, a related issue to CVE-2017-11128 and CVE-2018-19933...
CVE-2019-9553
Bolt 3.6.4 has XSS via the slug, teaser, or title parameter to editcontent/pages, a related issue to CVE-2017-11128 and CVE-2018-19933...
CVE-2017-11128
CVE-2017-11128 affects Bolt CMS (notably version 3.2.14) and is caused by stored XSS via the Title field when creating a new entry. The vulnerability arises from unsanitized text input in a content title, enabling script execution in contexts where the title is displayed. Public references in the...