EPSS
Percentile
58.9%
bolt/bolt is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject arbitrary Javascript into a victim’s browser via the title and slug parameters in a POST request to /bolt/editcontent/pages
title
slug
/bolt/editcontent/pages
packetstormsecurity.com/files/151943/Bold-CMS-3.6.4-Cross-Site-Scripting.html
packetstormsecurity.com/files/151943/CVE-2019-9553.txt
www.exploit-db.com/exploits/46495