Kotatubot

#14749of 53,633
18.3Total CVSS
Vulnerabilities · 3
Medium
3
PT-2019-14212
6.1
2019-08-23
Bolt · Bolt · CVE-2019-15483
**Name of the Vulnerable Software and Affected Versions** Bolt versions prior to 3.6.10 **Description** The issue arises from mishandling a title in the system log, leading to a potential XSS attack. **Recommendations** For versions prior to 3.6.10, update to version 3.6.10 or later to resolve the issue.
PT-2019-14213
6.1
2019-08-23
Bolt · Bolt · CVE-2019-15484
**Name of the Vulnerable Software and Affected Versions** Bolt versions prior to 3.6.10 **Description** The issue allows for XSS attacks through an image's alt or title field. **Recommendations** For versions prior to 3.6.10, update to version 3.6.10 or later to resolve the issue.
PT-2019-14214
6.1
2019-08-23
Bolt · Bolt · CVE-2019-15485
**Name of the Vulnerable Software and Affected Versions** Bolt versions prior to 3.6.10 **Description** The issue is related to cross-site scripting (XSS) that can occur via the createFolder or createFile functions in the Controller/Async/FilesystemManager.php file. **Recommendations** For versions prior to 3.6.10, update to version 3.6.10 or later to resolve the issue.