Vulnerabilities > Rocket Chat > Rocket Chat > 3.11.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-26 | CVE-2021-22886 | Cross-site Scripting vulnerability in Rocket.Chat Rocket.Chat before 3.11, 3.10.5, 3.9.7, 3.8.8 is vulnerable to persistent cross-site scripting (XSS) using nested markdown tags allowing a remote attacker to inject arbitrary JavaScript in a message. | 4.3 |