6.1
CVE-2017-1000054
- EPSS 0.21%
- Veröffentlicht 17.07.2017 13:18:17
- Zuletzt bearbeitet 20.04.2025 01:37:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginRocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdown link parsing code for messages.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Rocketchat ≫ Rocket.Chat Version0.8.0
Rocketchat ≫ Rocket.Chat Version0.9.0
Rocketchat ≫ Rocket.Chat Version0.10.0
Rocketchat ≫ Rocket.Chat Version0.10.1
Rocketchat ≫ Rocket.Chat Version0.10.2
Rocketchat ≫ Rocket.Chat Version0.11.0
Rocketchat ≫ Rocket.Chat Version0.12.0
Rocketchat ≫ Rocket.Chat Version0.12.1
Rocketchat ≫ Rocket.Chat Version0.13.0
Rocketchat ≫ Rocket.Chat Version0.14.0
Rocketchat ≫ Rocket.Chat Version0.15.0
Rocketchat ≫ Rocket.Chat Version0.16.0
Rocketchat ≫ Rocket.Chat Version0.17.0
Rocketchat ≫ Rocket.Chat Version0.18.0
Rocketchat ≫ Rocket.Chat Version0.18.1
Rocketchat ≫ Rocket.Chat Version0.19.0
Rocketchat ≫ Rocket.Chat Version0.20.0
Rocketchat ≫ Rocket.Chat Version0.21.0
Rocketchat ≫ Rocket.Chat Version0.22.0
Rocketchat ≫ Rocket.Chat Version0.23.0
Rocketchat ≫ Rocket.Chat Version0.24.0
Rocketchat ≫ Rocket.Chat Version0.25.0
Rocketchat ≫ Rocket.Chat Version0.26.0
Rocketchat ≫ Rocket.Chat Version0.27.0
Rocketchat ≫ Rocket.Chat Version0.28.0
Rocketchat ≫ Rocket.Chat Version0.29.0
Rocketchat ≫ Rocket.Chat Version0.30.0
Rocketchat ≫ Rocket.Chat Version0.31.0
Rocketchat ≫ Rocket.Chat Version0.32.0
Rocketchat ≫ Rocket.Chat Version0.33.0
Rocketchat ≫ Rocket.Chat Version0.34.0
Rocketchat ≫ Rocket.Chat Version0.35.0
Rocketchat ≫ Rocket.Chat Version0.36.0
Rocketchat ≫ Rocket.Chat Version0.37.0
Rocketchat ≫ Rocket.Chat Version0.37.1
Rocketchat ≫ Rocket.Chat Version0.38.0
Rocketchat ≫ Rocket.Chat Version0.39.0
Rocketchat ≫ Rocket.Chat Version0.40.1
Rocketchat ≫ Rocket.Chat Version0.41.0
Rocketchat ≫ Rocket.Chat Version0.42.0
Rocketchat ≫ Rocket.Chat Version0.43.0
Rocketchat ≫ Rocket.Chat Version0.44.0
Rocketchat ≫ Rocket.Chat Version0.45.0
Rocketchat ≫ Rocket.Chat Version0.46.0
Rocketchat ≫ Rocket.Chat Version0.47.0
Rocketchat ≫ Rocket.Chat Version0.47.1
Rocketchat ≫ Rocket.Chat Version0.48.0
Rocketchat ≫ Rocket.Chat Version0.48.1
Rocketchat ≫ Rocket.Chat Version0.48.2
Rocketchat ≫ Rocket.Chat Version0.49.0
Rocketchat ≫ Rocket.Chat Version0.49.1
Rocketchat ≫ Rocket.Chat Version0.49.2
Rocketchat ≫ Rocket.Chat Version0.49.3
Rocketchat ≫ Rocket.Chat Version0.49.4
Rocketchat ≫ Rocket.Chat Version0.50.0
Rocketchat ≫ Rocket.Chat Version0.50.1
Rocketchat ≫ Rocket.Chat Version0.51.0
Rocketchat ≫ Rocket.Chat Version0.52.0
Rocketchat ≫ Rocket.Chat Version0.53.0
Rocketchat ≫ Rocket.Chat Version0.54.0
Rocketchat ≫ Rocket.Chat Version0.54.1
Rocketchat ≫ Rocket.Chat Version0.54.2
Rocketchat ≫ Rocket.Chat Version0.55.0
Rocketchat ≫ Rocket.Chat Version0.55.1
Rocketchat ≫ Rocket.Chat Version0.56.0
Rocketchat ≫ Rocket.Chat Version0.57.0
Rocketchat ≫ Rocket.Chat Version0.57.0 Updaterc0
Rocketchat ≫ Rocket.Chat Version0.57.0 Updaterc1
Rocketchat ≫ Rocket.Chat Version0.57.0 Updaterc2
Rocketchat ≫ Rocket.Chat Version0.57.0 Updaterc3
Rocketchat ≫ Rocket.Chat Version0.57.1
Rocketchat ≫ Rocket.Chat Version0.57.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.405 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.1 | 2.8 | 2.7 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.