Vulnerabilities > Bloodhound Project

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-19	CVE-2021-3210	Cross-site Scripting vulnerability in Bloodhound Project Bloodhound components/Modals/HelpTexts/GenericAll/GenericAll.jsx in Bloodhound <= 4.0.1 allows remote attackers to execute arbitrary system commands when the victim imports a malicious data file containing JavaScript in the objectId parameter. network low complexity bloodhound-project CWE-79 critical	9.6
2019-08-27	CVE-2019-15701	OS Command Injection vulnerability in Bloodhound Project Bloodhound 2.2.0 components/Modals/HelpModal.jsx in BloodHound 2.2.0 allows remote attackers to execute arbitrary OS commands (by spawning a child process as the current user on the victim's machine) when the search function's autocomplete feature is used. network low complexity bloodhound-project CWE-78	8.8

Vulnerabilities > Bloodhound Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Bloodhound Project"}]}