CVE-2021-3619: XSS
First published: Thu Jul 22 2021(Updated: )
Rapid7 Velociraptor 0.5.9 and prior is vulnerable to a post-authentication persistent cross-site scripting (XSS) issue, where an authenticated user could abuse MIME filetype sniffing to embed executable code on a malicious upload. This issue was fixed in version 0.6.0. Note that login rights to Velociraptor is nearly always reserved for trusted and verified users with IT security backgrounds.
Credit: cve@rapid7.con
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Rapid7 Velociraptor | <0.6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-3619?
CVE-2021-3619 is a vulnerability in Rapid7 Velociraptor 0.5.9 and prior that allows authenticated users to embed executable code on a malicious upload.
What is the severity of CVE-2021-3619?
The severity of CVE-2021-3619 is medium with a CVSS score of 4.8.
How does CVE-2021-3619 work?
CVE-2021-3619 is a post-authentication persistent cross-site scripting (XSS) issue that occurs due to abuse of MIME filetype sniffing.
How can I fix CVE-2021-3619?
CVE-2021-3619 was fixed in version 0.6.0 of Rapid7 Velociraptor. Users should update to this version to resolve the vulnerability.
Where can I find more information about CVE-2021-3619?
More information about CVE-2021-3619 can be found in the following references: [link 1](https://github.com/Velocidex/velociraptor/pull/1118) and [link 2](https://github.com/Velocidex/velociraptor/releases/tag/v0.6.0).
- collector/nvd-index
- vendor/rapid7
- canonical/rapid7 velociraptor