4 matches found
Cross-site Scripting in Bolt
Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php...
CVE-2019-15485
Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php...
CVE-2019-15483
Bolt before 3.6.10 has XSS via a title that is mishandled in the system log...
Design/Logic Flaw
Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php...