Vulnerabilities > Home Assistant > Home Assistant > 0.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-10 | CVE-2017-16782 | Cross-site Scripting vulnerability in Home-Assistant In Home Assistant before 0.57, it is possible to inject JavaScript code into a persistent notification via crafted Markdown text, aka XSS. | 4.3 |