Rocket.Chat, an open source team chat software, is vulnerable in versions prior to 4.7.5, and in versions 4.8.0 and later prior to 4.8.2. The vulnerability stems from a failure of the `getReadReceipts` Meteor server method to properly filter user input passed to a MongoDB query. Because the input is not filtered, an attacker can supply `$regex` queries and use them to enumerate arbitrary message IDs.
CPE | Name | Operator | Version |
---|---|---|---|
rocket.chat | rocket.chat | lt | 4.8.2 (>=4.8.0) |
rocket.chat | rocket.chat | lt | 4.7.5 |
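
The input-filtering failure described above, shown as an added example that is not Rocket.Chat's code or its actual patch. The `find` helper is a simplified stand-in for MongoDB filter evaluation, and the sample data and both function names are constructed for illustration.

```javascript
// Constructed sample data standing in for a read-receipts collection.
const receipts = [
  { messageId: 'a1b2c3', userId: 'alice' },
  { messageId: 'd4e5f6', userId: 'bob' },
];

// Simplified stand-in for how MongoDB evaluates a filter on one field:
// a plain value means equality, an object with $regex means pattern match.
function find(collection, filter) {
  return collection.filter((doc) =>
    Object.entries(filter).every(([field, cond]) => {
      if (cond !== null && typeof cond === 'object') {
        if ('$regex' in cond) return new RegExp(cond.$regex).test(doc[field]);
        return false; // other operators are not modelled here
      }
      return doc[field] === cond;
    })
  );
}

// Unfiltered pattern: whatever the client sent becomes part of the query,
// so an object value is interpreted as a query operator.
function getReadReceiptsUnfiltered(messageId) {
  return find(receipts, { messageId });
}

// Hardened pattern: accept only a non-empty string, so the value can only
// ever be compared for equality (same idea as Meteor's check(messageId, String)).
function getReadReceiptsChecked(messageId) {
  if (typeof messageId !== 'string' || messageId.length === 0) {
    throw new TypeError('messageId must be a non-empty string');
  }
  return find(receipts, { messageId });
}

// Returns true when the checked method rejects the given input.
function isRejected(input) {
  try {
    getReadReceiptsChecked(input);
    return false;
  } catch (err) {
    return err instanceof TypeError;
  }
}
```

The type check belongs at the method boundary, before the value reaches any query builder, so that every code path inside the method sees a plain string.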