cve-2017-1000054
Vulnerability from cvelistv5
Published
2017-07-13 20:00
Modified
2024-08-05 21:53
Severity ?
Summary
Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdown link parsing code for messages.
References
cve@mitre.orghttps://www.theblazehen.com/posts/CVE-2017-xxxxxx-rocketchat-xss-with-markdown-url-handling-in-messages/Broken Link, URL Repurposed
af854a3a-2127-422b-91ae-364da2661108https://www.theblazehen.com/posts/CVE-2017-xxxxxx-rocketchat-xss-with-markdown-url-handling-in-messages/Broken Link, URL Repurposed
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:53:06.211Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.theblazehen.com/posts/CVE-2017-xxxxxx-rocketchat-xss-with-markdown-url-handling-in-messages/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "dateAssigned": "2017-05-06T00:00:00",
      "datePublic": "2017-07-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdown link parsing code for messages."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-13T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.theblazehen.com/posts/CVE-2017-xxxxxx-rocketchat-xss-with-markdown-url-handling-in-messages/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "DATE_ASSIGNED": "2017-05-06T20:43:28.303962",
          "ID": "CVE-2017-1000054",
          "REQUESTER": "theblazehen@theblazehen.com",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdown link parsing code for messages."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.theblazehen.com/posts/CVE-2017-xxxxxx-rocketchat-xss-with-markdown-url-handling-in-messages/",
              "refsource": "MISC",
              "url": "https://www.theblazehen.com/posts/CVE-2017-xxxxxx-rocketchat-xss-with-markdown-url-handling-in-messages/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-1000054",
    "datePublished": "2017-07-13T20:00:00",
    "dateReserved": "2017-07-10T00:00:00",
    "dateUpdated": "2024-08-05T21:53:06.211Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-1000054\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-07-17T13:18:17.673\",\"lastModified\":\"2024-11-21T03:04:03.320\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdown link parsing code for messages.\"},{\"lang\":\"es\",\"value\":\"En Rocket.Chat versi\u00f3n 0.8.0 y m\u00e1s recientes, es vulnerable a ataques de tipo Cross-Site Scripting (XSS) en el enlace markdown al analizar c\u00f3digo  para los mensajes.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF613F17-D4DA-47C2-92B9-A03762409266\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B1F5D57-8DE5-4007-BB4B-BCF7712704E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CA12B02-8256-478E-8979-085033689C26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A13209C-A0DE-4933-8F75-E5E552B0D911\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A09462FD-7DA0-4F39-8CE4-83FE4CDDC56F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A3CB778-9518-4BE2-A7DF-E31CADF72D93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BDB79A5-D83C-4F17-BD74-5CF7EF394FDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CFB2D52-5E32-4962-B999-FD878D3EACDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E057DD1-5A2C-48D7-B0EE-610AFEC5D977\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A405C9F-A862-4A65-820B-5464501C14B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C4136EB-315F-42C9-BBFB-CABC9D6BC4F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F9F418B-9BF7-43D5-A971-0DF847DF7277\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.17.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"605DE665-18E6-4E77-9E21-6ACE13715747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E51EDED-8576-4D30-A65B-5B6570E09902\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.18.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E6002C4-B504-4734-8991-ACCC98004322\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.19.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFD2FFFD-8CAF-4EEB-A8C1-F91E6D6FBA54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.20.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4292722-2628-40A8-AB1F-B9651561BF96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.21.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56B1C015-BB14-4FF7-920A-95FD19791EE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.22.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6398A7AA-31F4-4F3E-A9BC-192A7BAF1290\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.23.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A97AD43-7079-450A-B63A-047D969F0FA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.24.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA5017E5-E028-4C41-87EE-D7E4253DD75F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.25.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"022F782A-4CF6-4DE2-92A2-402CABEBA855\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.26.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23F9A7ED-C75F-4E73-8ACE-5A1CFD08576A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.27.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF0FD7DD-6957-4DED-B454-A2C8097E21EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.28.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"019CCA80-45D0-4583-9ED5-1226E6A599C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.29.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48CDC0BF-EDEC-4791-8044-2ADB6F55F16A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.30.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBFC2DE9-0173-4832-B70C-935CF76C9246\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.31.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3620536-7C42-404C-B700-54ACA911C322\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.32.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43928E9D-27A9-4885-8674-C96F71A7C6E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.33.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82E215C8-8F24-4C3A-9A87-171D193399F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.34.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B297B25-8EA9-4F71-A95D-2881C013F687\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.35.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50D4D2A8-3F4D-4BC0-8207-7FDDB03234D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.36.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17E40487-EED3-4E63-AC5B-21A20150E5DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.37.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3E6B455-7374-428C-9A8C-1396E030A69C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.37.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E024BC91-C485-4AF7-A493-7E45C6C041A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.38.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09E694FC-CED3-4CA7-B61A-A57BFED5D94A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.39.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F9A3A69-DB5E-4A56-91ED-58F74FFD39E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.40.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"787BEB5F-FEC7-4389-8E78-91919651B6CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.41.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AD3A6BD-11D5-41E5-923A-894128E29A26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.42.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C6717EB-C447-4E9E-922B-ACFF6353EA03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.43.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21AEEC3F-A07C-4065-BAD8-F15F7A4D245C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.44.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"084BE169-F602-4D09-A53A-B617F3AF877A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.45.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"969032CA-69E2-4B56-A5DC-090998B64153\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.46.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93DB4DF8-43CF-4710-86BB-083FF4619534\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.47.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0409F829-EB84-4BC3-8519-51AAFE48481C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.47.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CFFD3CE-38CE-4B69-9A93-B6F8E5394CC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.48.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4529DFF4-B595-47AE-8F93-7A67768A82F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.48.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5A5476F-3574-402A-8551-70955324A55D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.48.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F983EFB8-9BDA-44AD-9D19-45F232FEAC53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.49.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DBF1925-706F-4661-9E7C-04E762419F7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.49.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84C84C49-DE87-4879-ABD3-A788987A1E99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.49.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5794EBDF-878A-426E-B3DC-4A5CBD3DCE06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.49.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5915B364-0146-49FC-8708-06EE99800CD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.49.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B162B88-927D-4761-90E2-51869ABAFABA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.50.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DA45689-7905-45CF-A71B-13CF4A609E7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.50.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"828FC0D7-D7DC-4A55-B32D-D0D60E3E5AB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.51.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59D4CC11-F44F-42CA-B78F-FC96F4936456\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.52.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"191F4459-A96C-4376-96AE-6EF14E09AB82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.53.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"606DD15D-9973-4B5A-845C-5264CC9FC28A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.54.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50085232-AA00-4213-B662-7D8B7B488E93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.54.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE7B5363-2506-4712-B8FC-B8AB91A9FA30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.54.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EB9F77E-72E1-44C2-9DB3-AE3450B20F82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.55.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"452815AF-AF46-4B34-8005-2EF3E0DE10A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.55.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F04CA793-BA74-439D-994A-AB81EBFB283E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.56.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11D2B2F-4948-4D31-A484-422985115575\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.57.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D448E0E-2F92-4B30-A127-53A3A8ED0A3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.57.0:rc0:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9F6F05B-B0C9-4DAD-B848-F1B577B360B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.57.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F1263E3-91BF-4038-8E70-725CB2BEF646\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.57.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F71F660-9087-40F4-A656-50E18EDC0BF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.57.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D1F8BF1-64BC-44DB-AE75-5BDF29F30F7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.57.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D984700-ED1F-4C03-81D7-E59EE51E5825\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rocketchat:rocket.chat:0.57.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57F4A695-0C1D-4E21-8137-29B85760DD04\"}]}]}],\"references\":[{\"url\":\"https://www.theblazehen.com/posts/CVE-2017-xxxxxx-rocketchat-xss-with-markdown-url-handling-in-messages/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"URL Repurposed\"]},{\"url\":\"https://www.theblazehen.com/posts/CVE-2017-xxxxxx-rocketchat-xss-with-markdown-url-handling-in-messages/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"URL Repurposed\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.