CVE-2024-7299 | Bolt CMS 3.7.1 Entry Preview /preview/page body cross site scripting

A vulnerability was found in Bolt CMS 3.7.1. It has been rated as problematic. This issue affects some unknown processing of the file /preview/page of the component Entry Preview Handler. The manipulation of the argument body leads to cross site scripting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

The identification of this vulnerability is CVE-2024-7299. The attack may be initiated remotely. Furthermore, there is an exploit available.

Vendor was contacted early and confirmed that the affected release tree is end-of-life.

CVE-2024-7299 | Bolt CMS 3.7.1 Entry Preview /preview/page body cross site scripting

Related Posts

CVE-2024-32633 | ASR Falcon/Crane prior CP01.057.067 eMMC Full Disk Test expression is always false

CVE-2024-10120 | wfh45678 Radar up to 1.0.8 upload file unrestricted upload

CVE-2023-48795 | x-crypto on Go Privilege Escalation

CVE-2024-45491 | libexpat up to 2.6.2 on 32-bit xmlparse.c nDefaultAtts UINT_MAX integer overflow (ID 888)