Design/Logic Flaw

2019-10-2121:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

45.9%

Rocket.Chat before 2.1.0 allows XSS via a URL on a ![title] line.

CPENameOperatorVersion
rocket.chatlt2.1.0

CPE	Name	Operator	Version
	rocket.chat	lt	2.1.0

References

packetstormsecurity.com/files/154944/Rocket.Chat-2.1.0-Cross-Site-Scripting.html

github.com/RocketChat/Rocket.Chat/commits/develop

github.com/RocketChat/Rocket.Chat/releases

www.nezami.me/

0.001 Low

EPSS

Percentile

45.9%

Related for PRION:CVE-2019-17220