CVE-2022-35251 – A cross-site scripting vulnerability exists in Rocket.chat <v5 due to style injection i …

23 September 2022

Vuln ID: CVE-2022-35251

Published: 2022-09-23 19:15:14Z

Description: A cross-site scripting vulnerability exists in Rocket.chat <v5 due to style injection in the complete chat window, an adversary is able to manipulate not only the style of it, but will also be able to block functionality as well as hijacking the content of targeted users. Hence the payloads are stored in messages, it is a persistent attack vector, which will trigger as soon as the message gets viewed.

Source: NVD.NIST.GOV

Date:

23 September 2022

Categorie(s):

NVD

Tag(s):

NVD

From Hackers to Streakers – How Counterintelligence Teams are Protecting the NFL – Joe McMann – ESW #35819 April 2024
Cybersecurity firm Wiz reportedly in talks to buy Lacework for $150M-$200M19 April 2024
Microsoft finds Kubernetes clusters targeted by OpenMetadata exploits18 April 2024
6 Best Free and Open-Source Web Application Firewalls18 April 2024
Ransomware feared as IT ‘issues’ force Octapharma Plasma to close 150+ centers18 April 2024