CVE-2021-3619
CVE-2021-3619 affects Rapid7 Velociraptor up to version 0.5.9. It is a post-authentication persistent XSS vulnerability where an authenticated user could abuse MIME type sniffing to embed executable code via a malicious upload. The issue was fixed in version 0.6.0. Note that Velociraptor login ri...