CVE-2026-11511 | Bolt CMS up to 3.7.5 HTML Attribute TextType.php style HTML injection

A vulnerability was found in Bolt CMS up to 3.7.5. It has been declared as problematic. This vulnerability affects unknown code of the file src/Storage/Field/Type/TextType.php of the component HTML Attribute Handler. Executing a manipulation of the argument style can lead to HTML injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is registered as CVE-2026-11511. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The GitHub repository was archived by the owner and is now read-only.

CVE-2026-11511 | Bolt CMS up to 3.7.5 HTML Attribute TextType.php style HTML injection

Post correlati

CVE-2024-51300 | Draytek Vigor 3900 1.5.1.3 mainfunction.cgi get_rrd command injection

CVE-2023-32451 | Dell Display Manager 2.1.1.17 Uninstallation least privilege violation (dsa-2023-182)

CVE-2024-41043 | Linux Kernel up to 6.9.9 nfnetlink_queue Privilege Escalation (86858da8335d/631a4b3ddc78)

CVE-2025-11599 | Campcodes Online Apartment Visitor Management System 1.0 /forgot-password.php email sql injection