2 matches found
CVE-2022-32229
creationtimestamp| type| source ---|---|--- 2022-09-23 22:19:56+00:00| seen| https://t.me/cibsecurity/50396...
CVE-2022-32229
CVE-2022-32229 affects Rocket.Chat prior to 5.x, caused by lack of sanitization in the /api/v1/chat.getThreadsList endpoint. This MongoDB injection flaw can disclose private thread messages to unauthorized users, as demonstrated by the HackerOne report and multiple CVE references. The issue impac...