CVE-2020-8292

CVE-2020-8292

EPSS 0.9%CWE-79

Rocket.Chat server before 3.9.0 is vulnerable to a self cross-site scripting (XSS) vulnerability via the drag & drop functionality in message boxes.

Produtos afetados

n/a · Rocket.Chat server

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://docs.rocket.chat/guides/security/security-updates https://hackerone.com/reports/962902