CVE-2021-27367 - OpenCVE

Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal.

No CVSS v3.0

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors	Products
Boltcms	Bolt

Configuration 1 [-]

cpe:2.3:a:boltcms:bolt:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/bolt/core/pull/2371	Patch Third Party Advisory
https://github.com/bolt/core/releases/tag/4.1.13	Release Notes Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-02-17T20:47:48

Updated: 2021-02-17T20:47:48

Reserved: 2021-02-17T00:00:00

Link: CVE-2021-27367

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-02-17T21:15:13.010

Modified: 2021-02-23T17:19:48.777

Link: CVE-2021-27367

JSON object: View

Redhat Information

No data.

CWE