{"id":"CVE-2017-16782","details":"In Home Assistant before 0.57, it is possible to inject JavaScript code into a persistent notification via crafted Markdown text, aka XSS.","modified":"2026-04-10T03:59:04.971930Z","published":"2017-11-10T23:29:00.323Z","references":[{"type":"FIX","url":"https://github.com/home-assistant/home-assistant-polymer/pull/514"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/home-assistant/home-assistant","events":[{"introduced":"0"},{"last_affected":"e620479cc83ab44b3b2cf29fc13c26f8e9f4953a"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.56.2"}]}}],"versions":["0.10","0.10.1","0.11","0.11.1","0.12","0.13","0.13.1","0.14","0.14.1","0.14.2","0.15","0.16","0.16.1","0.17","0.17.1","0.17.2","0.17.3","0.18","0.19","0.19.1","0.19.2","0.19.3","0.19.4","0.20","0.20.1","0.20.2","0.20.3","0.21","0.21.1","0.21.2","0.22","0.23","0.23.1","0.24","0.24.1","0.25","0.25.1","0.25.2","0.26","0.26.1","0.26.2","0.26.3","0.27.0","0.27.1","0.27.2","0.28.1","0.28.2","0.29","0.29.2","0.29.3","0.29.4","0.29.5","0.29.6","0.29.7","0.30","0.30.1","0.30.2","0.31","0.31.1","0.32","0.32.1","0.32.2","0.32.3","0.32.4","0.33","0.33.1","0.33.2","0.33.3","0.33.4","0.34","0.34.1","0.34.2","0.34.3","0.34.4","0.34.5","0.35","0.35.1","0.35.2","0.35.3","0.36","0.36.1","0.37","0.37.1","0.38","0.38.1","0.38.2","0.38.3","0.38.4","0.39","0.39.1","0.39.2","0.39.3","0.40","0.40.1","0.40.2","0.41","0.42","0.42.1","0.42.2","0.42.3","0.42.4","0.43","0.43.1","0.43.2","0.44","0.44.1","0.44.2","0.45","0.45.1","0.46","0.46.1","0.47","0.47.1","0.48","0.48.1","0.49","0.49.1","0.50","0.50.2","0.51","0.51.1","0.51.2","0.52","0.52.1","0.53","0.53.1","0.54","0.55","0.55.1","0.55.2","0.56","0.56.1","0.56.2","0.7.3","0.7.4","0.7.5","0.7.7","0.8","0.9","0.9.1","Last-Python2-release"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16782.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}