A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the Message_KeepHistory or Message_ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior, hiding messages and deletion notices.
References
Link | Resource |
---|---|
https://hackerone.com/reports/1379451 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2023-05-09T00:00:00
Updated: 2023-05-09T00:00:00
Reserved: 2023-03-14T00:00:00
Link: CVE-2023-28318
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-05-09T22:15:10.083
Modified: 2023-05-16T20:03:20.540
Link: CVE-2023-28318
JSON object: View
Redhat Information
No data.