CVE-2017-16782
- Source
- https://cve.org/CVERecord?id=CVE-2017-16782
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16782.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-16782
- Published
- 2017-11-10T23:29:00.323Z
- Modified
- 2026-04-10T03:59:04.971930Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
In Home Assistant before 0.57, it is possible to inject JavaScript code into a persistent notification via crafted Markdown text, aka XSS.
- References
Affected packages
Git / github.com/home-assistant/home-assistant
Affected versions
0.*
0.10
0.10.1
0.11
0.11.1
0.12
0.13
0.13.1
0.14
0.14.1
0.14.2
0.15
0.16
0.16.1
0.17
0.17.1
0.17.2
0.17.3
0.18
0.19
0.19.1
0.19.2
0.19.3
0.19.4
0.20
0.20.1
0.20.2
0.20.3
0.21
0.21.1
0.21.2
0.22
0.23
0.23.1
0.24
0.24.1
0.25
0.25.1
0.25.2
0.26
0.26.1
0.26.2
0.26.3
0.27.0
0.27.1
0.27.2
0.28.1
0.28.2
0.29
0.29.2
0.29.3
0.29.4
0.29.5
0.29.6
0.29.7
0.30
0.30.1
0.30.2
0.31
0.31.1
0.32
0.32.1
0.32.2
0.32.3
0.32.4
0.33
0.33.1
0.33.2
0.33.3
0.33.4
0.34
0.34.1
0.34.2
0.34.3
0.34.4
0.34.5
0.35
0.35.1
0.35.2
0.35.3
0.36
0.36.1
0.37
0.37.1
0.38
0.38.1
0.38.2
0.38.3
0.38.4
0.39
0.39.1
0.39.2
0.39.3
0.40
0.40.1
0.40.2
0.41
0.42
0.42.1
0.42.2
0.42.3
0.42.4
0.43
0.43.1
0.43.2
0.44
0.44.1
0.44.2
0.45
0.45.1
0.46
0.46.1
0.47
0.47.1
0.48
0.48.1
0.49
0.49.1
0.50
0.50.2
0.51
0.51.1
0.51.2
0.52
0.52.1
0.53
0.53.1
0.54
0.55
0.55.1
0.55.2
0.56
0.56.1
0.56.2
0.7.3
0.7.4
0.7.5
0.7.7
0.8
0.9
0.9.1
Other
Last-Python2-release