Vulnerability of the actionLinkHandler method in the server-based corporate messaging system that supports file sharing and video conferences. Chat, which allows attackers to expose sensitive information.

The vulnerability of the actionLinkHandler method in the server-based corporate messaging system that supports file and video conferencing exchanges. Chat-related vulnerabilities involve insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to disclose...

PT-2022-4943 · Unknown · Rocket.Chat

Name of the Vulnerable Software and Affected Versions: Rocket.Chat versions prior to 5 Rocket.Chat versions prior to 4.8.2 Rocket.Chat versions prior to 4.7.5 Description: An information disclosure issue exists due to insufficient input validation in the actionLinkHandler method, allowing Message...