Vulnerabilities > CVE-2020-4040 - Unspecified vulnerability in Boltcms Bolt
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
LOW Availability impact
NONE Summary
Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint. Previews are intended to be generated by the admins, developers, chief-editors, and editors, who are authorized to create content in the application. But due to lack of proper CSRF protection, unauthorized users could generate a preview. This has been fixed in Bolt 3.7.1
Vulnerable Configurations
References
- http://packetstormsecurity.com/files/158299/Bolt-CMS-3.7.0-XSS-CSRF-Shell-Upload.html
- http://packetstormsecurity.com/files/158299/Bolt-CMS-3.7.0-XSS-CSRF-Shell-Upload.html
- http://seclists.org/fulldisclosure/2020/Jul/4
- http://seclists.org/fulldisclosure/2020/Jul/4
- https://github.com/bolt/bolt/commit/b42cbfcf3e3108c46a80581216ba03ef449e419f
- https://github.com/bolt/bolt/commit/b42cbfcf3e3108c46a80581216ba03ef449e419f
- https://github.com/bolt/bolt/pull/7853
- https://github.com/bolt/bolt/pull/7853
- https://github.com/bolt/bolt/security/advisories/GHSA-2q66-6cc3-6xm8
- https://github.com/bolt/bolt/security/advisories/GHSA-2q66-6cc3-6xm8