CVE-2020-4040

Sažetak

Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint. Previews are intended to be generated by the admins, developers, chief-editors, and editors, who are authorized to create content in the application. But due to lack of proper CSRF protection, unauthorized users could generate a preview. This has been fixed in Bolt 3.7.1

Reference

https://github.com/bolt/bolt/security/advisories/GHSA-2q66-6cc3-6xm8
https://github.com/bolt/bolt/pull/7853
https://github.com/bolt/bolt/commit/b42cbfcf3e3108c46a80581216ba03ef449e419f
http://packetstormsecurity.com/files/158299/Bolt-CMS-3.7.0-XSS-CSRF-Shell-Upload.html
http://seclists.org/fulldisclosure/2020/Jul/4

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

07-10-2022 - 01:25

Objavljeno

08-06-2020 - 22:15