Bolt CMS <= 4.2 is vulnerable to Remote Code Execution. Unsafe theme rendering allows an authenticated attacker to edit theme to inject server-side template injection that leads to remote code execution.
{
"github_reviewed_at": "2022-04-22T20:18:24Z",
"nvd_published_at": "2022-04-11T17:15:00Z",
"github_reviewed": true,
"cwe_ids": [
"CWE-94"
],
"severity": "HIGH"
}