totaljs/messenger

totaljs/messenger

GitHubGitHub
GitHubgithub.com
Releases0
Stars70
Node.js Open-Source Slack alternative
Log in to subscribe

CVE History

CVEPublishedCVSS v3CVSS v2
CVE-2023-30095
5.4 MEDIUM

A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the channel description field.

CVE-2023-30096
5.4 MEDIUM

A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user information field.

CVE-2023-30097
5.4 MEDIUM

A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task field.