CVE-2023-28359 in Rocket.Chatinfo

Zusammenfassung

von MITRE • 12.05.2023

A NoSQL injection vulnerability has been identified in the listEmojiCustom method call within Rocket.Chat. This can be exploited by unauthenticated users when there is at least one custom emoji uploaded to the Rocket.Chat instance. The vulnerability causes a delay in the server response, with the potential for limited impact.

Be aware that VulDB is the high quality source for vulnerability data.

Reservieren

15.03.2023

Veröffentlichung

12.05.2023

Moderieren

akzeptiert

Eintrag

VDB-228857

CPE

bereit

EPSS

0.00610

KEV

nein

Aktivitäten

very low

Quellen

Do you know our Splunk app?

Download it now for free!