➠ Rocket.Chat: Insecure use of shell.openExternal() leads to RCE in Rocket.Chat-Desktop
Rocket.Chat-Desktop passes the parameter url of openInternalVideoChatWindow to shell.openExternal(), which may lead to remote code execution (internalVideoChatWindow.ts#L17). To exploit the vulnerability, the internal video chat window must be disabled or a Mac App Store build must be used (internalVideoChatWindow.ts#L14). The vulnerability may be exploited by an XSS attack because the function openInternalVideoChatWindow is exposed in the......
Zur Startseite
➤ Ähnliche Beiträge für 'Rocket.Chat: Insecure use of shell.openExternal() leads to RCE in Rocket.Chat-Desktop'
Rocket.Chat Server bis 0.59 NoSQL SQL Injection
vom 893.97 Punkte
Es wurde eine Schwachstelle in Rocket.Chat Server bis 0.59 entdeckt. Sie wurde als kritisch eingestuft. Es geht dabei um eine unbekannte Funktion der Komponente NoSQL. Mit der Manipulation mit einer unbekannten Eingabe kann eine SQL Injection-Schwachstelle ausgenutzt
ReactJs Chat Component: Easily add chat to your react app.
vom 838.95 Punkte
This article was originally published on the DeadSimpleChat blog: ReactJs Chat Component: Easily add chat to your react app.
In this article we will be building a react js chat component. You can easily add the chat component to your react applicati
The April 2022 Security Update Review
vom 570.65 Punkte
Another Patch Tuesday is upon, and Adobe and Microsoft have released a bevy of new security updates. Take a break from your regularly scheduled activities and join us as we review the details of their latest security offerings.Adobe Patches for April 2022For April, Ad
Docker Tutorial
vom 558.42 Punkte
✨ Docker Tutorial Chapters
Small Tips: Starting with ⚡ means that it is a command that you can run in your terminal.
💖 Introduction
Why should I use Docker 🐳 ?
Then what is Docker? 🐳
So we use docker for :
How does Docker wor
The April 2021 Security Update Review
vom 470.52 Punkte
It’s the second Tuesday of the month, which means the latest security updates from Adobe and Microsoft are released. Take a break from your regularly scheduled activities and join us as we review the details for their latest security offerings. Adobe Patch
Shell Backdoor List - PHP / ASP Shell Backdoor List
vom 454.07 Punkte
What is a shell backdoor ?A backdoor shell is a malicious piece of code (e.g. PHP, Python, Ruby) that can be uploaded to a site to gain access to files stored on that site. Once it is uploaded, the hacker can use it to edit, delete, or download any files o
The April 2023 Security Update Review
vom 437.28 Punkte
It’s the second Tuesday of the month, which means Adobe and Microsoft (and others) have released their latest security patches. Take a break from your regularly scheduled activities and join us as we review the details of the latest offerings from Micros
The March 2022 Security Update Review
vom 427.15 Punkte
It’s once again Patch Tuesday, which means the latest security updates from Adobe and Microsoft have arrived. Take a break from your regularly scheduled activities and join us as we review the details of their latest security offerings.Adobe Patches for
The May 2019 Security Update Review
vom 408.96 Punkte
May is here and so are the scheduled security patches from Microsoft and Adobe. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month.
Adobe Patches for May 2019
This month, Ad
The August 2022 Security Update Review
vom 408.14 Punkte
It’s the second Tuesday of the month, and the last second Tuesday before Black Hat and DEFCON, which means Microsoft and Adobe have released their latest security fixes. Take a break from packing (if you’re headed to hacker summer camp) or your nor
The October 2023 Security Update Review
vom 403.03 Punkte
Twenty years ago this month, Microsoft introduced the concept of “Patch Tuesday” – although the marketing folks wanted it called “Update Tuesday” (they didn’t like the word “patch”). Over the years, more companies joined the Patch Tuesd
The March 2021 Security Update Review
vom 398.26 Punkte
It’s the third second Tuesday of the year, which means we get the latest security updates from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details for their latest security offerings. Adobe Patch