CVE-2019-15485

NONE EPSS 53.9%
Published Aug 23, 20196y ago ยท Modified Jun 17, 20262w ago
Find Similar
Published Aug 23, 2019 6y ago
Last Modified Jun 17, 2026 2w ago

Description

Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php.

Threat Intelligence

EPSS Exploit Probability
53.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-79 Cross-site Scripting Injection

Affected Products 1

VendorProductVersionRange
boltcmsbolt* <3.6.10

References 2

  • github.com https://github.com/bolt/bolt/pull/7800
    Issue TrackingPatchThird Party Advisory
  • github.com https://github.com/bolt/bolt/releases/tag/v3.6.10
    Issue TrackingThird Party Advisory

Remediation

  • github.com https://github.com/bolt/bolt/pull/7800
    Issue TrackingPatchThird Party Advisory