Vulnerabilities

CVE-2023-28325

by Fred · 11/05/2023

An improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to manipulate the rid parameter and change the updateMessage method that only checks whether the user is allowed to edit message in the target room.
Date published : 2023-05-11

https://hackerone.com/reports/1406479

Similar

Tags: Cybersecurity Alert