Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Positive Technologies
Positive Technologiesadded 2026/05/11 12:0 a.m.5 views

PT-2026-39855

Name of the Vulnerable Software and Affected Versions Outline versions 0.84.0 through 1.6.1 Description The comment section allows users to mention other users, but the backend fails to validate or sanitize the href attribute associated with these mentions. This allows the use of dangerous...

7.3CVSS6.2AI score0.00037EPSS
Exploits0References3
OSV
OSVadded 2024/02/12 9:15 a.m.1 views

CVE-2023-41703

User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avo...

6.1CVSS5.8AI score
Exploits0References3
Prion
Prionadded 2022/09/23 7:15 p.m.16 views

Information disclosure

An information disclosure vulnerability exists in Rocket.Chat v5 due to the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room...

4CVSS6.1AI score0.0036EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologiesadded 2022/09/23 12:0 a.m.2 views

PT-2022-21159 · Unknown · Rocket.Chat

Name of the Vulnerable Software and Affected Versions: Rocket.Chat versions prior to 5 Description: An information disclosure issue exists due to the getUserMentionsByChannel meteor server method, which discloses messages from private channels and direct messages regardless of the user's access...

6.5CVSS6.2AI score0.0036EPSS
Exploits1References5
CNNVD
CNNVDadded 2022/09/23 12:0 a.m.2 views

Rocket.Chat 信息泄露漏洞

Rocket.Chat is an open source team chat software. A vulnerability exists in Rocket.Chat prior to version 5.0 due to an authorization issue, which stems from a leak in the getUserMentionsByChannel meteor server method that can be exploited by an attacker to obtain sensitive information...

4.3CVSS6.6AI score0.00202EPSS
Exploits1References2
Kitploit
Kitploitadded 2014/09/10 2:29 a.m.13 views

tinfoleak - Get detailed information about a Twitter user activity

tinfoleak is a simple Python script that allow to obtain: basic information about a Twitter user name, picture, location, followers, etc. devices and operating systems used by the Twitter user applications and social networks used by the Twitter user place and geolocation coordinates to generate ...

6.9AI score
Exploits0
Atlassian
Atlassianadded 2014/01/10 2:48 p.m.17 views

@mention Notification for Comments on Restricted Page in Confluence 5.4.x

In Confluence 5.4.x versions, the user is getting comment notifications in a page that he's restricted to view. If you restrict an user to view or edit the page through 'Tools Restrictions' and then comment in a page, the user will get the notification about it in the Workbox. h4.Steps to...

2.8AI score
Exploits0Affected Software1
Rows per page
Query Builder