7 matches found
EUVD-2022-53429
Malicious code in bioql PyPI...
CVE-2022-32229
An information disclosure vulnerability exists in Rocket.Chat...
CVE-2022-32229
An information disclosure vulnerability exists in Rocket.Chat v5 because /api/v1/chat.getThreadsList lacks sanitization of user input and can therefore leak private thread messages to unauthorized users via MongoDB injection...
Information disclosure
An information disclosure vulnerability exists in Rocket.Chat v5 because /api/v1/chat.getThreadsList lacks sanitization of user input and can therefore leak private thread messages to unauthorized users via MongoDB injection...
CVE-2022-32229
An information disclosure vulnerability exists in Rocket.Chat v5 because /api/v1/chat.getThreadsList lacks sanitization of user input and can therefore leak private thread messages to unauthorized users via MongoDB injection...
CVE-2022-32229
An information disclosure vulnerability exists in Rocket.Chat v5 because /api/v1/chat.getThreadsList lacks sanitization of user input and can therefore leak private thread messages to unauthorized users via MongoDB injection...
CVE-2022-32229
CVE-2022-32229 affects Rocket.Chat prior to 5.x, caused by lack of sanitization in the /api/v1/chat.getThreadsList endpoint. This MongoDB injection flaw can disclose private thread messages to unauthorized users, as demonstrated by the HackerOne report and multiple CVE references. The issue impac...