CVE-2017-1000054

CVE-2017-1000054

EPSS 0.7%

Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdown link parsing code for messages.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.theblazehen.com/posts/CVE-2017-xxxxxx-rocketchat-xss-with-markdown-url-handling-in-messages/