[HIGH] The filename of uploaded files vulnerable to stored XSS

PKSA-zsss-7rtd-kmzf CVE-2020-4041 GHSA-68q3-7wjp-7q3j

Affected package: bolt/bolt

Affected version: <3.7.1

Reported by:
GitHub