Vulnerabilities > Rocket Chat

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-30 | CVE-2020-29594 | Unspecified vulnerability in Rocket.Chat: Rocket.Chat before 0.74.4, 1.x before 1.3.4, 2.x before 2.4.13, 3.x before 3.7.3, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 mishandles SAML login. | network, low complexity, rocket-chat, 7.5 |
| 2020-08-18 | CVE-2020-15926 | Cross-site Scripting vulnerability in Rocket.Chat: Rocket.Chat through 3.4.2 allows XSS where an attacker can send a specially crafted message to a channel or in a direct message to the client which results in remote code execution on the client side. | 4.3 |
| 2019-10-21 | CVE-2019-17220 | Cross-site Scripting vulnerability in Rocket.Chat: Rocket.Chat before 2.1.0 allows XSS via a URL on a ![title] line. | 4.3 |
| 2018-07-11 | CVE-2018-13879 | Cross-site Scripting vulnerability in Rocket.Chat: A reflected XSS issue was discovered in the registration form in Rocket.Chat before 0.66. | 3.5 |
| 2018-07-11 | CVE-2018-13878 | Cross-site Scripting vulnerability in Rocket.Chat: An XSS issue was discovered in packages/rocketchat-mentions/Mentions.js in Rocket.Chat before 0.65. | 4.3 |
| 2018-01-03 | CVE-2017-1000493 | Injection vulnerability in Rocket.Chat: Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover. | network, low complexity, rocket-chat, CWE-74, 7.5 |