Fortinet Discovers RocketChat Rocket.Chat Cross Site Scripting
Fortinet's FortiGuard Labs has discovered a Cross Site Scripting vulnerability in RocketChat's Rocket.Chat.
Rocket.Chat is free, unlimited and open source. Replace email, HipChat & Slack with the ultimate team chat software solution.
RocketChat's Rocket.Chat is susceptible to a Cross Site Scripting vulnerability. The issue occurs when
the user input wrong command, the application show the error included user's input without escaping html.
Users should apply the solution provided by RocketChat
Fortinet reported the vulnerability to Rocket.Chat
This vulnerability was discovered by Nguyen Thanh Nguyen of Fortinet's FortiGuard Labs.