bolt/bolt Security Advisories for v3.1.6 (5)
-
[MEDIUM] Bolt CMS Stored XSS
PKSA-wqvm-nbyq-xr4c CVE-2017-11127 GHSA-hqxc-w9vw-3hp5
Affected version: <=3.2.14
Reported by:
GitHub -
[MEDIUM] OS Command injection in Bolt
PKSA-v1tz-xdz7-sr4b CVE-2020-28925 GHSA-w8cj-mvf9-mpc9
Affected version: <3.7.2
Reported by:
GitHub -
[HIGH] CSRF issue on preview pages in Bolt CMS
PKSA-gptm-wvwx-nssm CVE-2020-4040 GHSA-2q66-6cc3-6xm8
Affected version: <3.7.1
Reported by:
GitHub -
[HIGH] The filename of uploaded files vulnerable to stored XSS
PKSA-zsss-7rtd-kmzf CVE-2020-4041 GHSA-68q3-7wjp-7q3j
Affected version: <3.7.1
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting in Bolt
PKSA-hxcd-7rxr-kwnh CVE-2019-15485 GHSA-cj8p-53v9-2c26
Affected version: <3.6.10
Reported by:
GitHub