High severity · NVD Advisory · Published Jun 8, 2020 · Updated Aug 4, 2024
The filename of uploaded files vulnerable to stored XSS in Bolt CMS
CVE-2020-4041
Description
In Bolt CMS before version 3.7.1, the filename of uploaded files was vulnerable to stored XSS. It is not possible to inject JavaScript code into the file name when creating/uploading the file. But, once created/uploaded, the file can be renamed to inject the payload into its name. Additionally, the measures that prevent renaming a file to a disallowed filename extension could be circumvented. This is fixed in Bolt 3.7.1.
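The description points at two separate defects: the rename path did not apply the same filename checks as the upload path, and the extension check on rename could be bypassed. The following is an added example of how a rename handler can close both gaps; it is not Bolt's code or its actual fix. The deny-list of extensions, the allowed-character pattern and the function names are assumptions chosen for illustration. The validator normalises the name before checking it (trailing dots and spaces, letter case, every extension in a multi-dot name, path components) and the display helper escapes the stored name on output so that a name which somehow slips through still cannot execute as markup.

```python
import html
import os
import re
from typing import Tuple

# Assumed deny-list for illustration only; production code should prefer a
# single allow-list of permitted extensions applied on upload AND on rename.
DISALLOWED_EXTENSIONS = {"php", "phtml", "php3", "php5", "phar", "html", "htm", "svg", "js"}

# Assumed allowed-character pattern: a conservative set that excludes
# <, >, ", ', &, whitespace, path separators and control characters,
# and does not allow a leading dot (blocks names like ".htaccess").
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*$")


def all_extensions(name: str) -> list:
    """Return every extension of a filename, lower-cased, after trimming
    trailing dots/spaces (e.g. 'Shell.PHP.txt.' -> ['php', 'txt'])."""
    base = name.strip().rstrip(". ")
    parts = base.lower().split(".")
    return parts[1:] if len(parts) > 1 else []


def validate_rename(new_name: str) -> Tuple[bool, str]:
    """Decide whether a requested new filename may be stored.

    Returns (True, normalised_name) or (False, reason). The same function
    would be called from the upload handler, so both paths share one policy.
    """
    name = new_name.strip()
    # Reject path components outright rather than silently stripping them.
    if "/" in name or "\\" in name or name in ("", ".", ".."):
        return False, "path separators or empty name not allowed"
    if os.path.basename(name) != name:
        return False, "path components not allowed"
    # Characters outside the pattern include everything needed to break out
    # of an HTML attribute or element, so this blocks the stored-XSS vector.
    if not SAFE_NAME.fullmatch(name):
        return False, "name contains disallowed characters"
    # Check every extension, not just the last one, after normalisation, so
    # 'x.PHP', 'x.php.' and 'x.php.txt' are all caught.
    for ext in all_extensions(name):
        if ext in DISALLOWED_EXTENSIONS:
            return False, "disallowed extension: " + ext
    return True, name


def display_name(stored_name: str) -> str:
    """Escape a stored filename for insertion into HTML (text or attribute)."""
    return html.escape(stored_name, quote=True)


if __name__ == "__main__":
    # Constructed sample rename requests.
    for candidate in ["report-2020.pdf", "shell.php.txt", "x.PHP", "x.php.", "photo<b>.png", "../x.png"]:
        print(repr(candidate), "->", validate_rename(candidate))
    print(display_name('a<b>"c'))
```

Because validation happens on the normalised form and the display layer escapes unconditionally, the two controls are independent: a gap in one does not reopen the vulnerability.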
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Ecosystem | Affected versions | Patched versions |
|---|---|---|---|
| bolt/bolt | Packagist | < 3.7.1 | 3.7.1 |
Affected products
- bolt/bolt: Range < 3.7.1
References
- https://github.com/advisories/GHSA-68q3-7wjp-7q3j (GHSA; ADVISORY)
- https://nvd.nist.gov/vuln/detail/CVE-2020-4041 (GHSA; ADVISORY)
- https://packetstormsecurity.com/files/158299/Bolt-CMS-3.7.0-XSS-CSRF-Shell-Upload.html (GHSA; x_refsource_MISC; WEB)
- https://seclists.org/fulldisclosure/2020/Jul/4 (GHSA; mailing-list; x_refsource_FULLDISC; WEB)
- https://github.com/bolt/bolt/commit/b42cbfcf3e3108c46a80581216ba03ef449e419f (GHSA; x_refsource_MISC; WEB)
- https://github.com/bolt/bolt/pull/7853 (GHSA; x_refsource_MISC; WEB)
- https://github.com/bolt/bolt/security/advisories/GHSA-68q3-7wjp-7q3j (GHSA; x_refsource_CONFIRM; WEB)
News mentions (0)
No linked articles in our index yet.