Vulnerabilities > CVE-2024-7300 - Unspecified vulnerability in Boltcms Bolt 3.7.1

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

boltcms

NVD

Published: 2024-07-31

Updated: 2025-02-13

Summary

A vulnerability classified as problematic has been found in Bolt CMS 3.7.1. Affected is an unknown function of the file /bolt/editcontent/showcases of the component Showcase Creation Handler. The manipulation of the argument title/textarea leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life.

Vulnerable Configurations

Part	Description	Count
Application	Boltcms Boltcms Bolt 3.7.1	1

References

https://vuldb.com/?ctiid.273168
https://vuldb.com/?id.273168
https://vuldb.com/?submit.380678