Lucene search
Veracode Vulnerability DatabaseVERACODE:25641HistoryJun 10, 2020 - 2:51 a.m.
Cross-site Scripting (XSS)
2020-06-1002:51:14
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
EPSS
0.006
Percentile
79.0%
bolt/bolt is vulnerable to cross-site scripting attacks. A malicious user can inject and execute arbitrary web script through the filename parameter during renaming the file after creating/uploading the file.
Related
cvelist
cvelist
osv
osv
The filename of uploaded files vulnerable to stored XSS
2020-06-09 00:25:34
CVE-2020-4041
2020-06-08 22:15:10
github
github
The filename of uploaded files vulnerable to stored XSS
2020-06-09 00:25:34
prion
prion
Design/Logic Flaw
2020-06-08 22:15:00
nvd
nvd
CVE-2020-4041
2020-06-08 22:15:10
cve
cve
CVE-2020-4041
2020-06-08 22:15:10
cbl_mariner
cbl_mariner
CVE-2020-4041 affecting package bolt 0.9.2-2
2024-09-21 03:20:41
packetstorm
packetstorm
Bolt CMS 3.7.0 XSS / CSRF / Shell Upload
2020-07-03 00:00:00
zdt
zdt
Bolt CMS 3.7.0 XSS / CSRF / Shell Upload Vulnerabilities
2020-07-04 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1809
2021-07-02 16:34:28