bolt/bolt Security Advisories for v3.6.11 (4)
- [MEDIUM] Bolt CMS Cross-site Scripting vulnerability
  PKSA-j3yv-xgkj-14yx CVE-2024-7300 GHSA-xhqw-4hcq-fcvr
  Affected version: <=3.7.1
  Reported by: GitHub
- [MEDIUM] OS Command injection in Bolt
  PKSA-v1tz-xdz7-sr4b CVE-2020-28925 GHSA-w8cj-mvf9-mpc9
  Affected version: <3.7.2
  Reported by: GitHub
- [HIGH] CSRF issue on preview pages in Bolt CMS
  PKSA-gptm-wvwx-nssm CVE-2020-4040 GHSA-2q66-6cc3-6xm8
  Affected version: <3.7.1
  Reported by: GitHub
- [HIGH] The filename of uploaded files vulnerable to stored XSS
  PKSA-zsss-7rtd-kmzf CVE-2020-4041 GHSA-68q3-7wjp-7q3j
  Affected version: <3.7.1
  Reported by: GitHub