bolt/core

Releases254

Frequency1 week 3 days

Last Release about 1 month ago

Stars582

🧿 Bolt core

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-40219 ↗	Apr 11, 2022Monday, 11 April 2022, 17:15	8.8 HIGH	6.5 MEDIUM
Bolt CMS <= 4.2 is vulnerable to Remote Code Execution. Unsafe theme rendering allows an authenticated attacker to edit theme to inject server-side template injection that leads to remote code execution.
CVE-2021-27367 ↗	Feb 17, 2021Wednesday, 17 February 2021, 21:15	7.5 HIGH	5 MEDIUM
Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal.