CVE-2021-3619

Name of the Vulnerable Software and Affected Versions Rapid7 Velociraptor versions 0.5.9 and prior

Description The issue is a post-authentication persistent cross-site scripting (XSS) problem. An authenticated user could exploit MIME filetype sniffing to embed executable code on a malicious upload. This issue was fixed in version 0.6.0. Typically, login rights to the affected software are reserved for trusted and verified users with IT security backgrounds.

Recommendations For versions 0.5.9 and prior, update to version 0.6.0 or later to resolve the issue. As a temporary workaround, consider restricting file uploads or disabling the functionality that allows embedding executable code until a patch is applied. Restrict access to the affected software to minimize the risk of exploitation, given that login rights are usually reserved for trusted users.