CVE-2024-7300
- Source
- https://cve.org/CVERecord?id=CVE-2024-7300
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-7300.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-7300
- Aliases
- Published
- 2024-07-31T07:00:06.610Z
- Modified
- 2026-05-18T05:59:06.691714273Z
- Severity
-
- 5.3 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N CVSS Calculator
- Summary
- Bolt CMS Showcase Creation showcases cross site scripting
- Details
-
A vulnerability classified as problematic has been found in Bolt CMS 3.7.1. Affected is an unknown function of the file /bolt/editcontent/showcases of the component Showcase Creation Handler. The manipulation of the argument title/textarea leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life.
- Database specific
{ "cwe_ids": [ "CWE-79" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/7xxx/CVE-2024-7300.json", "cna_assigner": "VulDB", "unresolved_ranges": [ { "extracted_events": [ { "last_affected": "3.7.1" } ], "source": "AFFECTED_FIELD" } ] }- References
Affected packages
Git / github.com/bolt/bolt
Affected ranges
- Type
- GIT
- Repo
- https://github.com/bolt/bolt
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "extracted_events": [ { "introduced": "0" }, { "last_affected": "3.7.1" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:a:boltcms:bolt:3.7.1:*:*:*:*:*:*:*" }
Affected versions
3.*
3.7.1
v0.*
v0.8.4
v0.8.5
v0.9.10
v0.9.5
v1.*
v1.0.0
v1.1.2
v1.1.4
v1.2.1
v1.4.0
v1.4.3
v2.*
v2.0.0
v2.0.1
v2.0.2
v2.0.3
v2.0.4
v2.0.5
v2.1.0
v3.*
v3.6.0
v3.6.0-beta.1
v3.6.0-beta.2
v3.6.0-beta.3
v3.6.0-beta.4
v3.6.0-beta.6
v3.6.0-beta.7
v3.6.1
v3.6.10
v3.6.11
v3.6.2
v3.6.3
v3.6.4
v3.6.5
v3.6.6
v3.6.7
v3.6.8
v3.6.9
v3.7.0