PT-2023-21646 · Unknown · Rocket.Chat
Gronke
·
Published
2023-05-09
·
Updated
2023-05-16
·
CVE-2023-28318
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Rocket.Chat (affected versions not specified)
Description
A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the
Message KeepHistory or Message ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior, hiding messages and deletion notices.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authorization
Origin Validation Error
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Rocket.Chat