CVE-2020-15926
https://notcve.org/view.php?id=CVE-2020-15926
Rocket.Chat through 3.4.2 allows XSS where an attacker can send a specially crafted message to a channel or in a direct message to the client which results in remote code execution on the client side. Rocket.Chat versiones hasta 3.4.2, permite un ataque de tipo XSS donde un atacante puede enviar un mensaje especialmente diseñado hacia un canal o en un mensaje directo al cliente que resulta en la ejecución de código remota en el lado del cliente. • https://blog.redteam.pl/2020/08/rocket-chat-xss-rce-cve-2020-15926.html https://github.com/RocketChat/Rocket.Chat/commits/develop https://github.com/RocketChat/Rocket.Chat/pull/18356 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-17220 – Rocket.Chat 2.1.0 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-17220
Rocket.Chat before 2.1.0 allows XSS via a URL on a ![title] line. Rocket.Chat versiones anteriores a 2.1.0, permite un ataque de tipo XSS por medio de una URL en una línea ![title]. Rocket.Chat version 2.1.0 suffers from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/47537 http://packetstormsecurity.com/files/154944/Rocket.Chat-2.1.0-Cross-Site-Scripting.html https://github.com/RocketChat/Rocket.Chat/commits/develop https://github.com/RocketChat/Rocket.Chat/releases https://www.nezami.me • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-13879
https://notcve.org/view.php?id=CVE-2018-13879
A reflected XSS issue was discovered in the registration form in Rocket.Chat before 0.66. When one creates an account, the next step will ask for a username. This field will not save HTML control characters but an error will be displayed that shows the attempted username unescaped via packages/rocketchat-ui-login/client/username/username.js in packages/rocketchat-ui-login/client/username/username.html. Se ha descubierto un problema de Cross-Site Scripting (XSS) reflejado en el formulario de registro en Rocket.Chat en versiones anteriores a la 0.66. Cuando se crea una cuenta, el siguiente paso solicitará un nombre de usuario. • https://github.com/RocketChat/Rocket.Chat/issues/10795 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-13878
https://notcve.org/view.php?id=CVE-2018-13878
An XSS issue was discovered in packages/rocketchat-mentions/Mentions.js in Rocket.Chat before 0.65. The real name of a username is displayed unescaped when the user is mentioned (using the @ symbol) in a channel or private chat. Consequently, it is possible to exfiltrate the secret token of every user and also admins in the channel. Se ha descubierto un problema de Cross-Site Scripting (XSS) en packages/rocketchat-mentions/Mentions.js en Rocket.Chat en versiones anteriores a la 0.65. El nombre real de un nombre de usuario se muestra sin escapar cuando se menciona al usuario (con el símbolo @) en un canal o chat privado. • https://github.com/RocketChat/Rocket.Chat/pull/10793 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-1000493
https://notcve.org/view.php?id=CVE-2017-1000493
Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover Rocket.Chat Server, en su versión 0.59 y anteriores, es vulnerable a una inyección NoSQL que conduce a la toma de control de la cuenta de administrador. • http://blog.sbarbeau.fr/2018/03/nosql-injection-leading-to.html https://github.com/RocketChat/Rocket.Chat/pull/8408 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •