CVE-2020-15926

Published August 18th, 2020

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

Rocket.Chat through 3.4.2 allows XSS where an attacker can send a specially crafted message to a channel or in a direct message to the client which results in remote code execution on the client side.

RocketChat/Rocket.Chat

The Secure CommsOS™ for mission-critical operations

GitHub

45.7K