Bolt CMS contains a vulnerability in version 5.1.12 and below that allows an authenticated user with the ROLE_EDITOR privileges to upload and rename a malicious file to achieve remote code...
8.8CVSS
8.9AI Score
0.004EPSS
Bolt CMS <= 4.2 is vulnerable to Remote Code Execution. Unsafe theme rendering allows an authenticated attacker to edit theme to inject server-side template injection that leads to remote code...
8.8CVSS
9.1AI Score
0.057EPSS
In Bolt CMS before version 3.7.1, the filename of uploaded files was vulnerable to stored XSS. It is not possible to inject javascript code in the file name when creating/uploading the file. But, once created/uploaded, it can be renamed to inject the payload in it. Additionally, the measures to...
7.4CVSS
6.1AI Score
0.006EPSS
Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint. Previews are intended to be generated by the admins, developers, chief-editors, and editors, who are authorized to create content in the application. But due to lack of proper CSRF protection, unauthorized...
8.6CVSS
4.7AI Score
0.003EPSS
Bolt CMS <3.6.2 allows XSS via text input click preview button as demonstrated by the Title field of a Configured and New...
6.1CVSS
5.8AI Score
0.005EPSS
Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by the Title field of a New...
5.4CVSS
5.2AI Score
0.001EPSS
Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document with a "Content-Type: image/svg+xml"...
5.4CVSS
5.1AI Score
0.001EPSS