6661620A

**Name of the Vulnerable Software and Affected Versions** BloodHound version 2.2.0 **Description** The issue allows remote attackers to execute arbitrary OS commands on the victim's machine when the search function's autocomplete feature is used in a specific scenario. This scenario involves the victim importing data from an Active Directory that contains a Group Policy Object (GPO) with JavaScript in its name. **Recommendations** For BloodHound version 2.2.0, consider disabling the autocomplete feature in the search function as a temporary workaround until a patch is available. Restrict access to importing data from Active Directory to minimize the risk of exploitation. Avoid using the autocomplete feature when importing data that may contain malicious JavaScript code in GPO names.