Description
A weakness has been identified in Bolt CMS up to 3.7.5. This vulnerability affects unknown code of the file src/Storage/Field/Type/TextType.php of the component HTML Attribute Handler. Executing a manipulation of the argument style can lead to HTML injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. The GitHub repository was archived by the owner and is now read-only. This vulnerability only affects products that are no longer supported by the maintainer.
Published: 2026-06-08
Score: 5.1 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A weakness in Bolt CMS allows manipulation of the style argument in the TextType.php component, leading to unsanitized HTML injection. This flaw enables an attacker to inject arbitrary HTML attributes, which can in turn trigger cross‑site scripting or other client‑side attacks when the injected content is rendered. The description states that the attack can be launched remotely, and an exploit is publicly available, indicating that the vulnerability is already weaponised.

Affected Systems

Bolt CMS versions up to and including 3.7.5 are affected. This includes all releases that are no longer maintained by the vendor. No specific sub‑plugins or modules are singled out, so any installation of the vulnerable version that uses the HTML Attribute Handler is at risk.

Risk and Exploitability

The CVSS score of 5.1 classifies the vulnerability as medium severity. EPSS data is not available and the flaw is not listed in CISA’s KEV catalog. Because the exploit can be performed remotely and is already in the public domain, the likelihood of real‑world exploitation is higher than the internal metrics might suggest. Effective exploitation requires the ability to supply crafted input to the style field, which can often be achieved via normal user interactions or API calls within the CMS interface.

Generated by OpenCVE AI on June 8, 2026 at 14:38 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Bolt CMS to a supported version (3.8 or newer) where the HTML Attribute Handler sanitises or removes the vulnerable style parameter.
  • If an upgrade is not immediately possible, disable or restrict the style attribute in the configuration, or apply input validation to strip or escape HTML attributes before rendering.
  • Monitor application logs for unexpected style or HTML content and apply web‑application firewall rules to block or sanitize malicious input until a patch can be applied.

Generated by OpenCVE AI on June 8, 2026 at 14:38 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 08 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 08 Jun 2026 13:00:00 +0000

Type Values Removed Values Added
Description A weakness has been identified in Bolt CMS up to 3.7.5. This vulnerability affects unknown code of the file src/Storage/Field/Type/TextType.php of the component HTML Attribute Handler. Executing a manipulation of the argument style can lead to HTML injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. The GitHub repository was archived by the owner and is now read-only. This vulnerability only affects products that are no longer supported by the maintainer.
Title Bolt CMS HTML Attribute TextType.php HTML injection
First Time appeared Bolt
Bolt cms
Weaknesses CWE-74
CWE-80
CPEs cpe:2.3:a:bolt:cms:*:*:*:*:*:*:*:*
Vendors & Products Bolt
Bolt cms
References
Metrics cvssV2_0

{'score': 4, 'vector': 'AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 3.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 3.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Bolt Cms
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-08T13:19:00.864Z

Reserved: 2026-06-07T15:45:50.571Z

Link: CVE-2026-11511

cve-icon Vulnrichment

Updated: 2026-06-08T13:18:47.087Z

cve-icon NVD

Status : Deferred

Published: 2026-06-08T13:16:32.007

Modified: 2026-06-08T15:16:42.643

Link: CVE-2026-11511

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-08T14:45:04Z

Weaknesses