CVE-2020-8288

2021-01-2119:13:16

CWE-79

hackerone

www.cve.org

0.001 Low

EPSS

Percentile

29.6%

JSON

The specializedRendering function in Rocket.Chat server before 3.9.2 allows a cross-site scripting (XSS) vulnerability by way of the value parameter.

CNA Affected

[
  {
    "product": "Rocket.Chat server",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Fixed in 3.9.2"
      }
    ]
  }
]