๐ CVE-2022-35249 | Rocket.Chat up to 4.x Direct Message getUserMentionsByChannel information disclosure
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vuldb.com
A vulnerability classified as problematic was found in Rocket.Chat up to 4.x. Affected by this vulnerability is the function getUserMentionsByChannel
of the component Direct Message Handler. The manipulation leads to information disclosure.
This vulnerability is known as CVE-2022-35249. The attack needs to be approached within the local network. There is no exploit available.
It is recommended to upgrade the affected component. ...