Lucene search

9 matches found

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2023-32056

Malicious code in bioql PyPI...

CVSS 6.1 · AI score 6.2 · EPSS 0.00773
Exploits: 0 · References: 1
OSV
added 2025/06/13 2:7 p.m. · 2 views

GHSA-86XF-2MGP-GV3G starcitizentools/citizen-skin allows stored XSS in search no result messages

Summary: The citizen-search-noresults-title and citizen-search-noresults-desc system messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. Details: The system messages are inserted as raw HTML by the mustache template:...

CVSS 6.5 · AI score 7 · EPSS 0.00156
Exploits: 1 · References: 5
RedhatCVE
added 2025/05/23 6:1 a.m. · 2 views

CVE-2023-28358

A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the "Search Messages" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled, possibly leading to attacks like account takeover...

CVSS 6.1 · AI score 7 · EPSS 0.00773
Exploits: 0 · References: 1
CNVD
added 2023/05/15 12:0 a.m. · 17 views

Rocket.Chat Search Messages Cross-Site Scripting Vulnerability

Rocket.Chat is an open source team chat software. Rocket.Chat Search Messages suffers from a cross-site scripting vulnerability that can be exploited by a remote attacker to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack a user's session when...

CVSS 6.1 · AI score 5.8 · EPSS 0.00773
Exploits: 0 · References: 1
Prion
added 2023/05/11 10:15 p.m. · 8 views

Design/Logic Flaw

A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the "Search Messages" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled, possibly leading to attacks like account takeover...

CVSS 5.8 · AI score 6.1 · EPSS 0.00773
Exploits: 0 · References: 1 · Affected Software: 1
CVE
added 2023/05/11 12:0 a.m. · 44 views

CVE-2023-28358

CVE-2023-28358 affects Rocket.Chat via a markdown parsing issue in the Search Messages feature. The vulnerability allows insertion of malicious tags due to improper parsing, enabling a cross-site scripting (XSS) vector that can be used to obtain sensitive information or potentially lead to accoun...

CVSS 6.1 · AI score 6.2 · EPSS 0.00773
Exploits: 0 · References: 1 · Affected Software: 1
CNNVD
added 2023/05/11 12:0 a.m. · 0 views

Rocket.Chat Cross-Site Scripting Vulnerability

Rocket.Chat is an open source team chat software. Rocket.Chat Search Messages suffers from a cross-site scripting vulnerability that can be exploited by a remote attacker to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack a user's session when...

CVSS 6.1 · AI score 5.9 · EPSS 0.00773
Exploits: 0 · References: 2
Positive Technologies
added 2023/05/11 12:0 a.m. · 1 views

PT-2023-21668 · Unknown · Rocket.Chat

Name of the Vulnerable Software and Affected Versions: Rocket.Chat affected versions not specified Description: A markdown parsing issue in the "Search Messages" feature of Rocket.Chat allows the insertion of malicious tags. This issue can be exploited on servers with content security policy...

CVSS 6.1 · AI score 6 · EPSS 0.00773
Exploits: 0 · References: 6
Hacker One
added 2022/11/22 2:38 p.m. · 27 views

Rocket.Chat: Cross-Site-Scripting in "Search Messages"

Vulnerability description not provided...

CVSS 6.1 · AI score 6.2 · EPSS 0.00773
Exploits: 0