Count: 3
| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| CVE-2020-4040: Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint. Previews are intended to be generated by the admins, developers, chief-editors, and editors, who are authorized to create content in the application. But due to lack of proper CSRF protection, unauthorized users could generate a preview. This has been fixed in Bolt 3.7.1. | CVSS3: 8.6 | 1% Low | more than 5 years ago |
| CVE-2020-4040: CSRF issue on preview pages in Bolt CMS | CVSS3: 8.6 | 1% Low | 4 months ago |
| GHSA-2q66-6cc3-6xm8: CSRF issue on preview pages in Bolt CMS | CVSS3: 8.6 | 1% Low | more than 5 years ago |