CVE-2019-20058
https://notcve.org/view.php?id=CVE-2019-20058
Bolt 3.7.0, if Symfony Web Profiler is used, allows XSS because unsanitized search?search= input is shown on the _profiler page. NOTE: this is disputed because profiling was never intended for use in production. This is related to CVE-2018-12040 ** EN DISPUTA ** Bolt versión 3.7.0, si Symfony Web Profiler es usado, permite un ataque de tipo XSS porque una entrada no saneada search?search= se muestra en la página _profiler. • https://github.com/bolt/bolt/issues/7830 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-15485
https://notcve.org/view.php?id=CVE-2019-15485
Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php. Bolt anterior de la versión 3.6.10 tiene XSS a través de createFolder o createFile en Controller / Async / FilesystemManager.php. • https://github.com/bolt/bolt/pull/7800 https://github.com/bolt/bolt/releases/tag/v3.6.10 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-15484
https://notcve.org/view.php?id=CVE-2019-15484
Bolt before 3.6.10 has XSS via an image's alt or title field. Bolt versiones anteriores a 3.6.10 tiene XSS a través del campo alt o título de una imagen. • https://github.com/bolt/bolt/pull/7801 https://github.com/bolt/bolt/releases/tag/v3.6.10 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-15483
https://notcve.org/view.php?id=CVE-2019-15483
Bolt before 3.6.10 has XSS via a title that is mishandled in the system log. Bolt anterior de la versión 3.6.10 tiene XSS a través de un título que se maneja mal en el registro del sistema. • https://github.com/bolt/bolt/pull/7802 https://github.com/bolt/bolt/releases/tag/v3.6.10 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-10874 – Bolt CMS 3.6.6 - Cross-Site Request Forgery / Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-10874
Cross Site Request Forgery (CSRF) in the bolt/upload File Upload feature in Bolt CMS 3.6.6 allows remote attackers to execute arbitrary code by uploading a JavaScript file to include executable extensions in the file/edit/config/config.yml configuration file. Una vulnerabilidad de Cross-Site Request Forgery (CSRF) en la funcionalidad de subida de archivos "bolt/upload" en Bolt CMS, en su versión 3.6.6, permite a los atacantes remotos ejecutar código arbitrario subiendo un archivo JavaScript para incluir extensiones ejecutables en el archivo de configuración en file/edit/config/config.yml. Bolt CMS version 3.6.6 suffers from cross site request forgery and code execution vulnerabilities. • https://www.exploit-db.com/exploits/46664 http://packetstormsecurity.com/files/152429/Bolt-CMS-3.6.6-Cross-Site-Request-Forgery-Code-Execution.html https://fgsec.net/from-csrf-to-rce-bolt-cms https://github.com/bolt/bolt/pull/7768/commits/91187aef36363a870d60b0a3c1bf8507af34c9e4 • CWE-352: Cross-Site Request Forgery (CSRF) •