A vulnerability was found in Bolt CMS 3.7.1. It has been rated as problematic. This issue affects some unknown processing of the file /preview/page of the component Entry Preview Handler. The manipulation of the argument body leads to cross site scripting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

The identification of this vulnerability is CVE-2024-7299. The attack may be initiated remotely. Furthermore, there is an exploit available.

Vendor was contacted early and confirmed that the affected release tree is end-of-life.