AskarLabs AskarLabs
Home

CMS Security

vs vScan Continuous CMS vulnerability scanning wa WP-Audit Wordpress Security Audit Tool

Identity & Access

pl PasswordLab Self-hosted password manager for business
Docs

Browse

all All CVEs Full database, no filters wp WooCommerce CVEs Plugins wp Elementor CVEs Plugins

By Platform

wp WordPress CVEs Plugins, themes & core jm Joomla CVEs Extensions & core dr Drupal CVEs Modules & core
Talk to us
Home / CVE Database / CVE-2020-8291
CVE-2020-8291

CVE-2020-8291

Vendor N/A
Product Rocket.Chat server
Weakness CWE-79 · XSS
Published October 18, 2021
Last update August 4, 2024
View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A link preview rendering issue in Rocket.Chat versions before 3.9 could lead to potential XSS attacks.

Key dates

02Disclosure timeline

October 18, 2021 CVE published
August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-8291 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2025-62058 WordPress Houzez Theme - Functionality plugin < 4.2.0 - Cross Site Scripting (XSS) vulnerability CVE-2025-7760 Reflected XSS in Ofisimo's Association Web Package Flora CVE-2025-31455 WordPress Limit Max IPs Per User plugin <= 1.5 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2025-23845 WordPress ImageMeta Plugin <= 1.1.2 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2025-49898 WordPress Dropshix plugin <= 4.0.14 - Cross Site Scripting (XSS) vulnerability

Identifiers

CVE CVE-2020-8291
CWE CWE-79

Affected versions

Vendor N/A
Product Rocket.Chat server
Affected Fixed versions: 3.10, 3.9.4, 3.8.5
ASKARLABS
AskarLabs

We build essential tools for the teams keeping things running - quiet, honest software for the sites you ship and the secrets your team types every day.

CMS Security

  • vScan
  • WP-Audit

Identity & Access

  • PasswordLab
  • Features
  • Pricing
  • Free license

Resources

  • Docs
  • CVE Database
  • WordPress CVEs
  • Joomla CVEs
  • Drupal CVEs

Company

  • Contact
  • Security

Legal

  • Privacy
  • Terms
  • Cookies
  • GDPR
© 2026 AskarLabs. All trademarks are the property of their respective owners.
AskarLabs
CMS Security
vScan WP Audit
Identity & Access
PasswordLab Docs
CVE Database
All CVEs WordPress CVEs Joomla CVEs Drupal CVEs Talk to us