VYPR
Vendor

BloodHoundAD

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2021-3210CriFeb 19, 2021
    risk 0.63cvss 9.6epss 0.03

    components/Modals/HelpTexts/GenericAll/GenericAll.jsx in Bloodhound <= 4.0.1 allows remote attackers to execute arbitrary system commands when the victim imports a malicious data file containing JavaScript in the objectId parameter.

  • CVE-2019-15701HigAug 27, 2019
    risk 0.57cvss 8.8epss 0.02

    components/Modals/HelpModal.jsx in BloodHound 2.2.0 allows remote attackers to execute arbitrary OS commands (by spawning a child process as the current user on the victim's machine) when the search function's autocomplete feature is used. The victim must import data from an…