2 matches found
CVE-2022-35250
A privilege escalation vulnerability exists in Rocket.chat v5 which made it possible to elevate privileges for any authenticated user to view Direct messages without appropriate permissions...
CVE-2022-35250
Rocket.Chat suffers from a privilege-escalation vulnerability (CVE-2022-35250) in versions below 5.0 where any authenticated user could elevate privileges to view Direct Messages without proper permissions. The issue stems from improper privilege management, enabling users with restricted roles t...