2 matches found
CVE-2022-35630
The CVE-2022-35630 issue affects Velociraptor and is a cross-site scripting (XSS) in generating a collection report, allowing injection of JavaScript into the static HTML. Root cause: insufficient sanitization in the report generation path (as described in the NVD entry). Impact is documented as ...
CVE-2022-35630 Unsafe HTML Injection in Artifact Collection Report
A cross-site scripting XSS issue in generating a collection report made it possible for malicious clients to inject JavaScript code into the static HTML file. This issue was resolved in Velociraptor 0.6.5-2...