CVE-2025-34086
Bolt CMS versions 3.7.0 and earlier are affected by an authenticated remote code execution chain. An authenticated user can inject PHP code into the displayname field, which is rendered unsanitized in backend templates. The attacker can enumerate and rename cached session files via /async/browse/...