Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php.
CVSS Metrics
