CVE-2002-2410

openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks and obtain certain configuration and version information...

Rocket.Chat: Pinning leaks message content

The message content could be improperly pinned, allowing the content to be leaked to an unauthorized client. Validation was lacking in the pinMessage method, which allowed arbitrary messages to be pinned regardless of the user's access. This permitted messages from private channels to be exposed ...