Lucene search
Veracode Vulnerability DatabaseVERACODE:28859HistoryDec 31, 2020 - 1:40 a.m.
Authorization Bypass
2020-12-3101:40:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
authorization bypass
twig context
access controls
EPSS
0.001
Percentile
30.9%
bolt/bolt is vulnerable to authorization bypass. The filter options in a Request in the Twig context is not restricted and allows an attacker to bypass access controls.
Related
cve
cve
CVE-2020-28925
2020-12-30 19:15:13
osv
osv
CVE-2020-28925
2020-12-30 19:15:13
OS Command injection in Bolt
2021-05-06 18:53:29
cbl_mariner
cbl_mariner
CVE-2020-28925 affecting package bolt 0.9.2-2
2024-09-21 03:20:41
prion
prion
Design/Logic Flaw
2020-12-30 19:15:00
cvelist
cvelist
CVE-2020-28925
2020-12-30 18:47:18
github
github
OS Command injection in Bolt
2021-05-06 18:53:29
nvd
nvd
CVE-2020-28925
2020-12-30 19:15:13
rosalinux
rosalinux
Advisory ROSA-SA-2021-1809
2021-07-02 16:34:28