Critical severity9.6NVD Advisory· Published Feb 19, 2021· Updated Jun 17, 2026
CVE-2021-3210
CVE-2021-3210
Description
components/Modals/HelpTexts/GenericAll/GenericAll.jsx in Bloodhound <= 4.0.1 allows remote attackers to execute arbitrary system commands when the victim imports a malicious data file containing JavaScript in the objectId parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Bloodhound/Bloodhounddescription
- Range: <=4.0.1
Patches
Vulnerability mechanics
References
3- github.com/BloodHoundAD/BloodHound/blob/338e197dc4b7a1ee929c335141172ada5bc80800/src/components/Modals/HelpModal.jsxnvdExploitThird Party Advisory
- github.com/BloodHoundAD/BloodHound/blob/338e197dc4b7a1ee929c335141172ada5bc80800/src/components/Modals/HelpTexts/GenericAll/GenericAll.jsxnvdExploitThird Party Advisory
- github.com/BloodHoundAD/BloodHound/issues/338nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.