CVE-2021-40219

Published April 11th, 2022

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

6.5

MEDIUM

Affected

PROJECTS

Description

Bolt CMS <= 4.2 is vulnerable to Remote Code Execution. Unsafe theme rendering allows an authenticated attacker to edit theme to inject server-side template injection that leads to remote code execution.

iiSiLvEr/CVEs

GitHub

bolt/core

🧿 Bolt core

GitHub

582