Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rocket.chat rocket.chat - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-30124
An improper authentication vulnerability exists in Rocket.Chat Mobile App <4.14.1.22788 that allowed an attacker with physical access to a mobile device to bypass local authentication (PIN code).
Rocket.chat Rocket.chat
3.5
CVSSv2
CVE-2020-8288
The `specializedRendering` function in Rocket.Chat server prior to 3.9.2 allows a cross-site scripting (XSS) vulnerability by way of the `value` parameter.
Rocket.chat Rocket.chat
4.3
CVSSv2
CVE-2020-15926
Rocket.Chat up to and including 3.4.2 allows XSS where an attacker can send a specially crafted message to a channel or in a direct message to the client which results in remote code execution on the client side.
Rocket.chat Rocket.chat
5
CVSSv2
CVE-2020-26763
The Rocket.Chat desktop application 2.17.11 opens external links without user interaction.
Rocket.chat Rocket.chat 2.17.11
4.3
CVSSv2
CVE-2022-21830
A blind self XSS vulnerability exists in RocketChat LiveChat <v1.9 that could allow an malicious user to trick a victim pasting malicious code in their chat instance.
Rocket.chat Livechat
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5