Rocket.Chat, an open source team chat software, suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the chat window, which could be exploited by attackers to cause cross-site manipulation of its style, block functionality, and hijack the target userβs content.
CPE | Name | Operator | Version |
---|---|---|---|
rocket.chat rocket.chat | lt | 5.0 |