CVE-2017-11128by Jeremyin Security Bulletinson Posted on July 17, 2017 Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by the Title field of a New Entry.