WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2022-21830 Vulnerability in npm package @rocket.chat/livechat

Description

A blind self XSS vulnerability exists in RocketChat LiveChat

Remediation

References

https://hackerone.com/reports/1091118

Related Vulnerabilities

CVE-2017-18197 Vulnerability in maven package org.webjars.npm:mxgraph

CVE-2022-21191 Vulnerability in npm package global-modules-path

CVE-2020-9480 Vulnerability in maven package org.apache.spark:spark-network-shuffle_2.10

CVE-2020-17518 Vulnerability in maven package org.apache.flink:flink-runtime_2.11

CVE-2019-15607 Vulnerability in npm package node-red

Severity

High

Classification

CWE-79 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Exploit Third Party Advisory