Path Traversal

bolt/core is vulnerable to path traversal. The vulnerability exists as it does not properly handle the path string in Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php, allowing directory traversal...

CVE-2021-27367

Bolt CMS prior to version 4.1.13 contains a directory traversal vulnerability in Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php (CVE-2021-27367). The issue allows an attacker to traverse directories, potentially exposing sensitive files. The connected R...