Vulnerabilities > CVE-2023-28318 - Unspecified vulnerability in Rocket.Chat

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
rocket-chat

Summary

A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the Message_KeepHistory or Message_ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior, hiding messages and deletion notices.

Vulnerable Configurations

Part Description Count
Application
Rocket.Chat
1