CVE-2026-11511— Bolt CMS HTML Attribute TextType.php HTML injection
Possible ATT&CK Techniques 3AI
T1059 · Command and Scripting Interpreter T1189 · Drive-by Compromise T1190 · Exploit Public-Facing ApplicationGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-11511
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Bolt CMS HTML Attribute TextType.php HTML injection
Source: NVD (National Vulnerability Database)
Vulnerability Description
A weakness has been identified in Bolt CMS up to 3.7.5. This vulnerability affects unknown code of the file src/Storage/Field/Type/TextType.php of the component HTML Attribute Handler. Executing a manipulation of the argument style can lead to HTML injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. The GitHub repository was archived by the owner and is now read-only. This vulnerability only affects products that are no longer supported by the maintainer.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
Web页面中脚本相关HTML标签转义处理不恰当(基本跨站脚本)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Bolt CMS 注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Bolt CMS是Bolt CMS开源的一套基于PHP的开源的内容管理系统。 Bolt CMS 3.7.5及之前版本存在注入漏洞,该漏洞源于组件HTML Attribute Handler文件src/Storage/Field/Type/TextType.php中对参数style的操作,可能导致HTML注入。攻击者可远程发起攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-11511
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-11511
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same product: CMS
- CVE-2026-49288
Statamic CMS missing authorization on Control Panel fieldtyp - CVE-2026-49287
Statamic CMS vulnerable to unsafe method invocation via coll - CVE-2026-45660
Statamic: Server-Side Request Forgery via Glide - CVE-2026-44306
Statamic: Email enumeration via forgot password endpoint - CVE-2026-44011
Craft CMS: Potential authenticated Remote Code Execution via
Same vendor: Bolt
- CVE-2025-34086
Bolt CMS Authenticated Remote Code Execution via Profile Inj - CVE-2024-7300
Bolt CMS Showcase Creation showcases cross site scripting - CVE-2024-7299
Bolt CMS Entry Preview page cross site scripting - CVE-2020-4041
The filename of uploaded files vulnerable to stored XSS in B - CVE-2020-4040
CSRF issue on preview pages in Bolt CMS
Same weakness: CWE-80
- CVE-2026-46492
md-fileserver: Stored/Reflected XSS when viewing Markdown (r - CVE-2026-34033
Apache Answer: HTML Content Injection in Email - CVE-2026-9646
ScadaBR Unauthenticated Reflected Cross-Site Scripting - CVE-2026-44839
RabbitMQ: Unsanitized vhost names allow for XSS in managemen - CVE-2026-39642
WordPress Nyla theme <= 1.7 - Arbitrary Shortcode Execution
V. Comments for CVE-2026-11511
No comments yet