CVE-2024-7299 | Bolt CMS 3.7.1 Entry Preview /preview/page body cross site scripting

A vulnerability was found in Bolt CMS 3.7.1. It has been rated as problematic. This issue affects some unknown processing of the file /preview/page of the component Entry Preview Handler. The manipulation of the argument body leads to cross site scripting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

The identification of this vulnerability is CVE-2024-7299. The attack may be initiated remotely. Furthermore, there is an exploit available.

Vendor was contacted early and confirmed that the affected release tree is end-of-life.

CVE-2024-7299 | Bolt CMS 3.7.1 Entry Preview /preview/page body cross site scripting

Related Posts

CVE-2024-2302 | Easy Digital Downloads Plugin up to 3.2.9 on WordPress information disclosure

CVE-2024-9816 | Codezips Tourist Management System 1.0 /admin/change-image.php packageimage unrestricted upload

CVE-2024-0151 | ARM v8-M Security Extensions Requirements on Development Tools unexpected data type

CVE-2024-22104 | Mitsubishi Electric CPU Module Logging Configuration Tool out-of-bounds write (icsa-24-135-04)