9 matches found

RedhatCVE
added 2025/05/23 8:26 a.m., 3 views

CVE-2024-47048

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier allows stored XSS in the description and release notes of the marketplace and private apps...

CVSS 5.4, AI score 5.9, EPSS 0.00176
Exploits: 0, References: 1
NVD
added 2024/09/25 1:15 a.m., 11 views

CVE-2024-47048

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier allows stored XSS in the description and release notes of the marketplace and private apps...

CVSS 5.4, EPSS 0.00176
Exploits: 0, References: 2
OSV
added 2024/09/25 1:15 a.m., 8 views

CVE-2024-47048

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier allows stored XSS in the description and release notes of the marketplace and private apps...

CVSS 5.4, AI score 5.8
Exploits: 0, References: 2
CNNVD
added 2024/09/25 12:00 a.m., 1 view

Rocket.Chat Security Vulnerability

Rocket.Chat is a chat program from Rocket.Chat, Inc. A security vulnerability exists in Rocket.Chat that stems from stored cross-site scripting in the description and release notes of marketplace and private applications. The following versions are affected: version 6.12.0, version 6.11.2, versi...

CVSS 5.4, AI score 6.1, EPSS 0.00176
Exploits: 0, References: 3
Cvelist
added 2024/09/24 12:00 a.m., 8 views

CVE-2024-47048

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier allows stored XSS in the description and release notes of the marketplace and private apps...

EPSS 0.00176
Exploits: 0, References: 2
CVE
added 2024/09/24 12:00 a.m., 58 views

CVE-2024-47048

The CVE describes a stored XSS vulnerability in Rocket.Chat where the attack surface is the description and release notes fields of marketplace and private apps. Affected versions include Rocket.Chat 6.12.0 and older (as listed across multiple sources). The underlying issue is stored XSS in those...

CVSS 5.4, AI score 5.9, EPSS 0.00176
Exploits: 0, References: 2, Affected Software: 1
Vulnrichment
added 2024/09/24 12:00 a.m., 12 views

CVE-2024-47048

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier allows stored XSS in the description and release notes of the marketplace and private apps...

AI score 5.9, EPSS 0.00176
Exploits: 0, References: 2
Hacker One
added 2021/01/23 2:10 p.m., 15 views

Shopify: [h1-2102] shopApps query from the graphql at /users/api returns all existing created apps, including private ones

Summary: I have seen that there is a query called shopApps executable on the /ID/users/api graphql that returns a huge amount of apps it timeouts with a limiting. In the response I have noticed the returned apps also include the private apps, so I do not think that this is intended like this. Using...

Exploits: 0
Hacker One
added 2016/08/01 1:21 a.m., 27 views

Shopify: Staff member can delete Private Apps

Hi Team, Bug description: I noticed that a Full access staff member doesn't have access to private Apps even though he has access to Apps. But a Staff member can actually delete Private Apps through the normal App link by changing the ID. Steps to reproduce: 1. Create a shop and install any app. Also...

Exploits: 0