Messages can be hidden regardless of server configuration
Medium
R
Rocket.Chat
Submitted None
Team Summary
Official summary from Rocket.Chat
A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the Message_KeepHistory or Message_ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior, hiding messages and deletion notices.
Actions:
Reported by
gronke
Report Details
Additional information and metadata
State
Closed
Substate
Resolved