CVE-2020-4040
CVE Information
CVE ID
CVE-2020-4040
Severity
HIGH
CVSS 8.6
Publish Date
2020-06-08
Description
Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint. Previews are intended to be generated by the admins, developers, chief-editors, and editors, who are authorized to create content in the application. But due to lack of proper CSRF protection, unauthorized users could generate a preview. This has been fixed in Bolt 3.7.1
Collection Date
2026-01-13
Impact Summary
Affected Hosts
3
Related Incidents
0
Related Alerts
0
Affected Hosts (3)
| Hostname | OS Type | Severity | Total CVEs |
|---|---|---|---|
| inbridge-42 | LINUX | CRITICAL | 142 |
| in-bridge-40 | LINUX | CRITICAL | 392 |
| inbridge-ubt-24 | LINUX | CRITICAL | 2364 |