Lucene search
China National Vulnerability DatabaseCNVD-2022-88180HistorySep 28, 2022 - 12:00 a.m.
Rocket.Chat actionLinkHandler information disclosure vulnerability
2022-09-2800:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
rocket.chat
open source
team chat
information disclosure
vulnerability
actionlinkhandler
message id enumeration
regex mongodb query
attacker
sensitive information
cnvd
EPSS
0.001
Percentile
24.8%
Rocket.Chat is a set of open source team chat software. Rocket.Chat suffers from an information disclosure vulnerability that stems from the actionLinkHandler method allowing message ID enumeration using a Regex MongoDB query. An attacker could exploit the vulnerability to obtain sensitive information.
Related
cve
cve
CVE-2022-32218
2022-09-23 19:15:11
prion
prion
Information disclosure
2022-09-23 19:15:00
hackerone
hackerone
Rocket.Chat: Message ID Enumeration with Action Link Handler
2021-11-22 10:33:05
cvelist
cvelist
CVE-2022-32218
2022-09-23 18:28:13
nvd
nvd
CVE-2022-32218
2022-09-23 19:15:11
osv
osv
CVE-2022-32218
2022-09-23 19:15:11