Bolt is vulnerable to cross-site scripting (XSS). The vulnerability exists due to lack of proper handling of Create file
for system log in file manager, allowing a remote attacker to inject arbitrary Javascript into a victim’s browser through the affected parameters.