
Bobdenotter

#37899 of 53,634
7.4 Total CVSS
Vulnerabilities · 1
PT-2020-17848
7.4
2020-06-08
Bolt · Bolt Cms · CVE-2020-4041
**Name of the Vulnerable Software and Affected Versions**
Bolt CMS versions prior to 3.7.1

**Description**
The filename of uploaded files was vulnerable to stored XSS. It is not possible to inject JavaScript code into the filename when creating or uploading the file, but once the file exists it can be renamed to inject the payload. Additionally, the measures that prevent renaming a file to a disallowed filename extension could be circumvented.

**Recommendations**
For versions prior to 3.7.1, update to Bolt 3.7.1 to resolve the issue. As a temporary workaround, consider restricting the ability to rename uploaded files until the update is applied.