Advisories

Bolt CMS Authenticated Remote Code Execution via Profile Injection and File Rename

Go Back
severity
high
date
Affecting
  • Bolt CMS <= 3.7.0

CVE type
Code Injection
CVSS
7.5
CVSS V4 Vector
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Credit
Sivanesh Ashok