Bolt · Bolt · CVE-2021-27367
**Name of the Vulnerable Software and Affected Versions**
Bolt versions prior to 4.1.13
**Description**
The issue allows Directory Traversal. This is related to the files Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php.
**Recommendations**
For versions prior to 4.1.13, update to version 4.1.13 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable files Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php until a patch is applied.