CVE-2023-6910 Uncontrolled Resource Consumption in M-Files Server

A vulnerable API method in M-Files Server before 23.12.13195.0 allows for uncontrolled resource consumption. Authenticated attacker can exhaust server storage space to a point where the server can no longer serve requests...

Rocket.Chat: Hi! Security Team Rocket.Chat, It's possible to get information about the users emails without authentication

Description: Email enumeration vulnerability. Vulnerable api method: /api/v1/users.2fa.sendEmailCode Releases Affected:: Rocket.Chat up to 3.10.5 Request for existing account: POST /api/v1/users.2fa.sendEmailCode HTTP/1.1 Host: rocket-chat.local:3000 Referer: http://rocket-chat.local:3000/home...