CVE Vulnerability

CVE-2020-4040

Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint. Previews are intended to be generated by the admins, developers, chief-editors, and editors, who are authorized to create content in the application. But due to lack of proper CSRF protection, unauthorized users could generate a preview. This has been fixed in Bolt 3.7.1

4.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Scope

4.3 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://github.com/bolt/bolt/security/advisories/GHSA-2q66-6cc3-6xm8 Patch Third Party Advisory
https://github.com/bolt/bolt/pull/7853 Patch Third Party Advisory
https://github.com/bolt/bolt/commit/b42cbfcf3e3108c46a80581216ba03ef449e419f Patch Third Party Advisory
http://packetstormsecurity.com/files/158299/Bolt-CMS-3.7.0-XSS-CSRF-Shell-Upload.html Exploit Third Party Advisory
http://seclists.org/fulldisclosure/2020/Jul/4 Exploit Mailing List
Configurations

Configuration 1

cpe:2.3:a:boltcms:bolt:*:*:*:*:*:*:*:*
Information

Published : 2020-06-08 10:15

Updated : 2022-10-07 01:25

NVD link : CVE-2020-4040

Mitre link : CVE-2020-4040

Products Affected
No products.
CWE
CWE-352