Description

A blind self XSS vulnerability exists in RocketChat LiveChat

Remediation

References

https://hackerone.com/reports/1091118

Related Vulnerabilities

CVE-2023-36479 Vulnerability in maven package org.eclipse.jetty.ee10:jetty-ee10-servlets

CVE-2022-35949 Vulnerability in npm package undici

CVE-2022-32114 Vulnerability in npm package @strapi/strapi

CVE-2020-15168 Vulnerability in npm package node-fetch

CVE-2020-7760 Vulnerability in maven package org.webjars:codemirror

Severity

High

Classification

CWE-79 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Exploit Third Party Advisory