Mike Cohen

**Name of the Vulnerable Software and Affected Versions** Rapid7 Velociraptor versions 0.5.9 and prior **Description** The issue is a post-authentication persistent cross-site scripting (XSS) problem. An authenticated user could exploit MIME filetype sniffing to embed executable code on a malicious upload. This issue was fixed in version 0.6.0. Typically, login rights to the affected software are reserved for trusted and verified users with IT security backgrounds. **Recommendations** For versions 0.5.9 and prior, update to version 0.6.0 or later to resolve the issue. As a temporary workaround, consider restricting file uploads or disabling the functionality that allows embedding executable code until a patch is applied. Restrict access to the affected software to minimize the risk of exploitation, given that login rights are usually reserved for trusted users.