8 matches found
EUVD-2022-53419
Malicious code in bioql PyPI...
CVE-2022-32218
An information disclosure vulnerability exists in Rocket.Chat...
Rocket.Chat actionLinkHandler Information Disclosure Vulnerability
Rocket.Chat is an open source team chat software. Rocket.Chat suffers from an information disclosure vulnerability that stems from the actionLinkHandler method allowing message ID enumeration using a Regex MongoDB query. An attacker can exploit the vulnerability to obtain sensitive information...
Information disclosure
An information disclosure vulnerability exists in Rocket.Chat v5, v4.8.2 and v4.7.5 because the actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries...
CVE-2022-32218
An information disclosure vulnerability exists in Rocket.Chat v5, v4.8.2 and v4.7.5 because the actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries...
CVE-2022-32218
CVE-2022-32218 – Rocket.Chat information disclosure: The vulnerability stems from actionLinkHandler/actionLinks.getMessage not validating input, allowing authenticated users to enumerate Message IDs via a regex MongoDB query. Impact: potential exposure of sensitive information by enumerating ex...
Rocket.Chat Information Disclosure Vulnerability
Rocket.Chat is an open source team chat software. Rocket.Chat suffers from an information disclosure vulnerability that stems from the actionLinkHandler method allowing message ID enumeration using a Regex MongoDB query. An attacker can exploit the vulnerability to obtain sensitive information...
PT-2022-4943 · Unknown · Rocket.Chat
Name of the Vulnerable Software and Affected Versions: Rocket.Chat versions prior to 5; Rocket.Chat versions prior to 4.8.2; Rocket.Chat versions prior to 4.7.5. Description: An information disclosure issue exists due to insufficient input validation in the actionLinkHandler method, allowing Message...