github.com/velocidex/velociraptor is vulnerable to cross-site scripting. The vulnerability exists in the Completer
function in syntax.js
due to improper sanitization in the description field which allows an attacker to inject and execute malicious javascript.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/velocidex/velociraptor | le | v0.6.5-0 | |
github.com/velocidex/velociraptor | le | v0.6.5-0 |