CVE-2020-4040

CSRF issue on preview pages in Bolt CMS

CVSS 8.6 HIGH · EPSS 1.8% · CWE-352
Bolt CMS before version 3.7.1 lacked CSRF protection in the preview-generating endpoint. Previews are intended to be generated by admins, developers, chief-editors, and editors, who are authorized to create content in the application. Because of the missing CSRF protection, unauthorized users could generate a preview. This has been fixed in Bolt 3.7.1.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Affected products
bolt · bolt
