Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

Rocket.Chat - HackerOne Reports

View on HackerOne

82

Total Reports

16

Critical

22

High

32

Medium

9

Low

NoSQL-Injection discloses S3 File Upload URLs

Reported by: gronke | Disclosed:

Medium

Weakness: Information Disclosure

account takeover on 3.0.1 version

Reported by: elfiman | Disclosed:

Critical

Weakness: Insecure Direct Object Reference (IDOR)

Open redirect open.rocket.chat/file-upload/ID/filename.svg

Reported by: w2w | Disclosed:

Medium

Weakness: Open Redirect

It is possible to elevate privileges for any authenticated user to view permissions matrix and view Direct messages without appropriate permissions.

Reported by: garretby | Disclosed:

Medium

Weakness: Privilege Escalation

Custom crafted message object in Meteor.Call allows remote code execution and impersonation

Reported by: wreiske | Disclosed:

Critical

Weakness: Code Injection

NoSQL injection in listEmojiCustom method call

Reported by: rijalrojan | Disclosed:

High

Weakness: SQL Injection

Low authorization level at server side API operation e2e.updateGroupKey, let an attacker break the E2E architecture.

Reported by: f0ns1 | Disclosed:

High

Weakness: Improper Access Control - Generic

Registration bypass with leaked Invite Token

Reported by: gronke | Disclosed:

High

Weakness: Improper Authentication - Generic

XSS in various MessageTypes

Reported by: gronke | Disclosed:

High

Weakness: Cross-site Scripting (XSS) - Stored

Impersonation in Sequential Messages

Reported by: gronke | Disclosed:

Medium

Messages can be hidden regardless of server configuration

Reported by: gronke | Disclosed:

Medium

Retrospective change of message timestamp and order

Reported by: gronke | Disclosed:

Medium

Stored XSS in any message (leads to priv esc for all users and file leak + rce via electron app)

Reported by: psych0tr1a | Disclosed:

High

Weakness: Cross-site Scripting (XSS) - DOM

Content-Security Policy bypass with File Uploads

Reported by: gronke | Disclosed:

High

Bypass local authentication (PIN code)

Reported by: dago_669 | Disclosed:

Medium

Weakness: Improper Authentication - Generic

Maliciously crafted message can cause Rocket.Chat server to stop responding

Reported by: vv9k | Disclosed:

Medium

Weakness: Uncontrolled Resource Consumption

Hi! Security Team Rocket.Chat, It's possible to get information about the users emails without authentication

Reported by: khekhe | Disclosed:

Low

Weakness: Information Disclosure

IDOR vulnerability leads to Deleting message after leaving/getting banned from group using message ID

Reported by: yash24 | Disclosed:

Low

Weakness: Insecure Direct Object Reference (IDOR)

getUserMentionsByChannel leaks messages with mention from private channel

Reported by: gronke | Disclosed:

High

Weakness: Information Disclosure

Upload of Avatars for other Users

Reported by: gronke | Disclosed:

Medium

Weakness: Improper Access Control - Generic

Page 1 of 5 Next