Vulnerability

warn

CVE-2020-4040

Description:
Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint. Previews are intended to be generated by the admins, developers, chief-editors, and editors, who are authorized to create content in the application. But due to lack of proper CSRF protection, unauthorized users could generate a preview. This has been fixed in Bolt 3.7.1
Last updated date:
10/07/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/07/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/07/2022

This website uses cookies to enhance the user experience. Check out our privacy policy