Impact
Hayabusa versions older than 3.8.0 contain an XSS flaw in the HTML report that enables an attacker to inject malicious JavaScript into the Computer field of JSON‑exported logs. When a forensic examiner views the generated report, the injected script runs in the browser, potentially disclosing sensitive data or performing unauthorized actions. The vulnerability is classified as CWE‑79 and is a classic reflected XSS scenario.
Affected Systems
The affected product is Hayabusa, released by Yamato‑Security. All versions lower than 3.8.0 are vulnerable; any installation that has not upgraded to at least 3.8.0 is at risk.
Risk and Exploitability
The CVSS score of 5.1 indicates moderate severity; the exploit probability score is unavailable and it is not listed in the CISA KEV catalog. The attack vector is inferred to be through the web interface where users load and view JSON logs—an attacker must supply a crafted log file, and the victim must open the resulting HTML report. Attack requires user interaction but poses a real risk of data disclosure or session hijacking for the examiner.
OpenCVE Enrichment