Lucene search
Rapid7CVELIST:CVE-2022-35630HistoryJul 29, 2022 - 5:00 p.m.
CVE-2022-35630 Unsafe HTML Injection in Artifact Collection Report
2022-07-2917:00:33
CWE-79
rapid7
www.cve.org
2
cve-2022-35630
cross-site scripting
html injection
artifact collection
velociraptor 0.6.5-2
EPSS
0.001
Percentile
31.3%
A cross-site scripting (XSS) issue in generating a collection report made it possible for malicious clients to inject JavaScript code into the static HTML file. This issue was resolved in Velociraptor 0.6.5-2.
CNA Affected
[
{
"product": "Velociraptor",
"vendor": "Rapid7",
"versions": [
{
"lessThan": "0.6.5-2",
"status": "affected",
"version": "0.6.5-2",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2022-07-29 17:15:00
nvd
nvd
CVE-2022-35630
2022-07-29 17:15:09
veracode
veracode
Cross-site Scripting (XSS)
2022-08-01 03:39:17
cve
cve
CVE-2022-35630
2022-07-29 17:15:09
rapid7blog
rapid7blog
CVE-2022-35629..35632 Velociraptor Multiple Vulnerabilities (FIXED)
2022-07-26 17:15:00