PT-2023-21646 · Unknown · Rocket.Chat
Gronke
·
Publicado
2023-05-09
·
Atualizado
2023-05-16
·
CVE-2023-28318
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Rocket.Chat (affected versions not specified)
Description
A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the
Message KeepHistory or Message ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior, hiding messages and deletion notices.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authorization
Origin Validation Error
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Rocket.Chat