CVE-2020-4040

Опубликовано: 08 июн. 2020

Источник: nvd

CVSS3: 8.6

CVSS3: 4.3

CVSS2: 4.3

EPSS Низкий

Описание

Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint. Previews are intended to be generated by the admins, developers, chief-editors, and editors, who are authorized to create content in the application. But due to lack of proper CSRF protection, unauthorized users could generate a preview. This has been fixed in Bolt 3.7.1

Ссылки

http://packetstormsecurity.com/files/158299/Bolt-CMS-3.7.0-XSS-CSRF-Shell-Upload.html
Exploit
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2020/Jul/4
Exploit
Mailing List
Third Party Advisory
https://github.com/bolt/bolt/commit/b42cbfcf3e3108c46a80581216ba03ef449e419f
Patch
Third Party Advisory
https://github.com/bolt/bolt/pull/7853
Patch
Third Party Advisory
https://github.com/bolt/bolt/security/advisories/GHSA-2q66-6cc3-6xm8
Patch
Third Party Advisory
http://packetstormsecurity.com/files/158299/Bolt-CMS-3.7.0-XSS-CSRF-Shell-Upload.html
Exploit
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2020/Jul/4
Exploit
Mailing List
Third Party Advisory
https://github.com/bolt/bolt/commit/b42cbfcf3e3108c46a80581216ba03ef449e419f
Patch
Third Party Advisory
https://github.com/bolt/bolt/pull/7853
Patch
Third Party Advisory
https://github.com/bolt/bolt/security/advisories/GHSA-2q66-6cc3-6xm8
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:boltcms:bolt:*:*:*:*:*:*:*:*

Версия до 3.7.1 (исключая)

EPSS

Процентиль: 73%

0.00793

Низкий

8.6 High

CVSS3

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

CVE-2020-4040

CVSS3: 8.6

msrc

4 месяца назад

CSRF issue on preview pages in Bolt CMS

GHSA-2q66-6cc3-6xm8

CVSS3: 8.6

github

больше 5 лет назад

CSRF issue on preview pages in Bolt CMS

EPSS

Процентиль: 73%

0.00793

Низкий

8.6 High

CVSS3

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352