logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2020-4040

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2020-4040

Description:
Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint. Previews are intended to be generated by the admins, developers, chief-editors, and editors, who are authorized to create content in the application. But due to lack of proper CSRF protection, unauthorized users could generate a preview. This has been fixed in Bolt 3.7.1
Last updated date:
10/07/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/07/2022
Reference url to background

http://packetstormsecurity.com/files/158299/Bolt-CMS-3.7.0-XSS-CSRF-Shell-Upload.html

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/07/2022
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy