4 matches found
EUVD-2017-1375
Malware in sbrugna...
Remote Code Execution(RCE)
Nteract is vulnerable to Remote Code Execution RCE. The vulnerability is caused due to a lack of input validation in the Markdown link parsing functionality, allowing malicious actors to execute arbitrary code remotely...
Rocket.Chat Cross-Site Scripting Vulnerability
Rocket.Chat is an open source built in JavaScript using the Meteor fullstack framework developed by the Web chat server . A cross-site scripting vulnerability exists in the markdown link parsing code used for messages in Rocket.Chat. A remote attacker can exploit this vulnerability to inject...
PT-2017-10764 · Rocket.Chat · Rocket.Chat
Name of the Vulnerable Software and Affected Versions: Rocket.Chat versions 0.8.0 and newer Description: The issue concerns an XSS vulnerability in the markdown link parsing code for messages. Recommendations: For Rocket.Chat versions 0.8.0 and newer, at the moment, there is no information about ...