Lucene search

K
prionPRIOn knowledge basePRION:CVE-2022-32228
HistorySep 23, 2022 - 7:15 p.m.

Information disclosure

2022-09-2319:15:00
PRIOn knowledge base
www.prio-n.com
3
rocket.chat
vulnerability
information disclosure
mongodb
nvd

AI Score

4.5

Confidence

High

EPSS

0.001

Percentile

24.8%

An information disclosure vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 since the getReadReceipts Meteor server method does not properly filter user inputs that are passed to MongoDB queries, allowing $regex queries to enumerate arbitrary Message IDs.

AI Score

4.5

Confidence

High

EPSS

0.001

Percentile

24.8%

Related for PRION:CVE-2022-32228