6 matches found
Cross site scripting
Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by the Title field of a New Entry...
Cross site scripting
Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document with a "Content-Type: image/svg+xml" header...
CVE-2017-11128
Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by the Title field of a New Entry...
CVE-2017-11127
Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document with a "Content-Type: image/svg+xml" header...
CVE-2017-11128
Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by the Title field of a New Entry...
CVE-2017-11127
Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document with a "Content-Type: image/svg+xml" header...