Low authorization level at server side API operation e2e.updateGroupKey, let an attacker break the E2E architecture.

Disclosed: 2023-02-16 22:19:11 By f0ns1 To rocket_chat
High
Vulnerability Details
No vulnerability description provided or it is restricted.
Actions
View on HackerOne
Report Stats
  • Report ID: 1757663
  • State: Closed
  • Substate: resolved
  • Upvotes: 14
Share this report